|Patient records, like all sensitive data, are at risk of falling into the wrong hands. In 2011, Ontario’s privacy commission received 135 reports of health information privacy breaches, including missing USB keys and improperly disposed of paper records. And those are just the breaches that were reported.These breaches are not alone; more than 3 percent of Canadians surveyed say they have experienced a privacy breach related to their medical information. Although your organization and its patients are likely not at high risk, citizens seeing and hearing of these infractions may have concerns.But, you can help alleviate those concerns and build trust in your organization’s security with improved processes and communication. By being aware and ready to answer questions related to medical identity theft and data hacking, your patients will be able to relax knowing their data is in good hands.|
Keeping patients safe
As a healthcare provider, there are measures you can take to reduce the risk of medical privacy breaches and in turn, ease the minds of your patients.
- Enforce security policies: It is of utmost importance to have solid security policies and procedures in place to prevent data breaches. However, a policy alone doesn’t guarantee adherence. Compliance is a must in order to stay one step ahead of hackers. Hold regular, mandatory data safety training sessions for all employees. Encourage Q&A afterward by using “Safety” stress relievers as a reward for those who participate. Utilize training to develop a list of your organization’s top five security reminders, imprint them on notepad mouse pads and distribute one to each employee for displaying at their workstation as reinforcement.
- Amp up security: Investing in security enhancements is money well spent. The use of biometric devices such as iris scanners is expected to increase 20 percent a year over the next three years. Biometric devices recognize people’s physical traits, ensuring patients are who they say they are. And they’re not just for the likes of James Bond—iris-scanning units can be purchased for only $200 to $300. Thinking of implementing this at your practice? Get patients on board by explaining the security benefits. Make it fun and encourage participation with rewards for those who partake in this techy practice. A pair of spy-approved sunglasses or a secret agent bracelet USB make great choices.
- Maintain tight controls: Establishing tighter controls over medical devices allows for easier risk assessment and the detection of potential security breaches. Controls can include centralized inventory systems, monitoring software and strong authentication controls. Be ready to communicate the security measures you have in place—handouts that promote the safety of medical devices and the security practices you are following can help ease minds. Keep the handouts together with a clip imprinted with your contact information in case there are further questions or concerns.
- Empower patients: Empower your patients to protect their own identity. Stress the importance of closely examining explanation of benefits and invoices, and don’t forget to emphasize the importance of safeguarding health cards, office visit summaries and other health plan correspondence.
As hackers get smarter, healthcare organizations need to stay one step ahead. Strong policies, tighter controls and sound security practices can keep your patients, their identities and their medical information safe and secure.
Priest, Lisa. “A sickening side-effect of the eHealth revolution.” The Globe and Mail. 26 Jan. 2012. Web. Retrieved 01 Feb. 2014.
Kloeffler, D., and Shaw, A. “Dick Cheney Feared Assassination Via Medical Device Hacking: ‘I Was Aware of the Danger’” Abcnews.com. N.p., 19 Oct. 2013. Web. Retrieved 16 Jan. 2014.
Kleyman, Bill. “Healthcare data breach prevention: Taking a preemptive stand.” HealthITSecurity.com. N.p., 09 July 2013. Web. Retrieved 16 Jan. 2014.
Hallam, Kristen. “Biometric Technology Combats Medical Identity Theft.“ Businessweek.com. N.p., 9 May 2013. Web. Retrieved 16 Jan. 2014.
“6 Ways Health Care Providers Can Reduce Medical Device Security Risks.” Deloitte CIO – WSJ. N.p., 05 Nov. 2013. Web. Retrieved 16 Jan. 2014.