Privacy and the Health Care Industry – How Safe is Safe?

Have you visited a health care professional lately? Chances are some aspect of your appointment was recorded on a computer system. If nothing else, your personal information was noted so that reception can reach you in case of an emergency, or to book a follow-up appointment. Technology isn’t a new sight in hospitals, either. It’s not uncommon to have your attending physician refer to a tablet device when making their rounds. Electronic Medical Records (EMRs) are now widely used, reducing the need for paper copies of patient files.  Technological advances are increasingly becoming the new face of your health care experience. But how certain are you that your information is being protected?

A vulnerable industry
A yearlong study by the Washington Post found that the healthcare industry is one of the most vulnerable when it comes to online attacks. Easy to infiltrate sites as well as lax password security within hospitals do nothing to remedy the troubling situation. A move to online documents may be beneficial in organizing a system that has long been paper based, but it is not always mindful of patient privacy. In fact, according to HIPAA records, since 2009 nearly 21 million Americans have had their EMRs stolen or lost. One of the largest breaches occurred when back up tapes containing medical records were lost, potentially revealing not only the health records of 4.9 million patients, but also their social security numbers and personal contact information. Although the health care industry may be trying to implement effective online record sharing, these breaches demonstrate that they haven’t had the success they’ve set out to achieve.

Collaboration is key – but at what cost?
Data concerning a patient’s health deserves to be treated with the highest level of privacy and security. While it needs to be guarded, it is also some of the most shared, too. Once you factor in doctors, nurses, and specialists that are involved in treatment plans, this secure information will be seen by many audiences in order to ensure that the patient is receiving top treatment. Medical professionals need to work collaboratively. Taking away their ability to share notes within diagnostic teams could have negative repercussions in patient care; however, promoting collaboration should not come at the cost of the patient’s valuable information.

Next steps
It’s clear that forsaking a collaborative environment is not the right answer for medical professionals. Too much of what they do, and the positive results they achieve, are based on working together to come up with the best solutions for the patient. However, it is readily apparent that changes are required to ensure that privacy and security are number one. Steps must be taken to keep files off of portable devices, locating them instead inside a secure cloud that offers encryption and password protection. There needs to be a better system for teaching cyber security in a top down format – first imparting knowledge to administrators, and having that important information filter down to front-line practitioners. Security must be engrained in corporate culture, with active role modelling demonstrating the importance of password protection amongst staff and how to effectively use online record keeping to preserve security. The resources exist to implement better security within a health care setting, but to achieve real success there needs to be a full industry buy-in.

Do you work in the healthcare industry? Or are you a patient concerned about how your records are maintained? Leave a comment and let us know.

Add Comment