Patients expect their healthcare providers to ensure that their personal information is protected and that their identity will not be stolen. When a person's billing information and social security number are compromised, they will likely choose another provider and may even pursue legal action against the medical facility. When one's medical conditions are revealed, this leads to even more aggravation for both patients and healthcare providers.
Hospitals and other facilities need to remain HIPAA compliant, follow all necessary security and encryption measures and train their staff on proper privacy rules. Now that medical information has been transferred to electronic medical records and other software programs such as electronic prescribing, the data is at risk of being hacked and stolen. HIPAA compliance is in place so that this doesn't happen and patient data remains safe.
FierceHealthCare outlined that, in July, the information of 4,000 patients was breached in Boston's Beth Israel Deaconess Medical Center when a computer with private data was stolen. Also, a stolen laptop belonging to the Boston Children's Hospital compromised information for more than 2,000 patients.
In fact, healthcare data breaches account for three of the major six breaches in the United States, according to the news source. Nonetheless, there are some basic steps that hospitals can take when attempting to avoid a data breach.
First, it is important to let patients know their privacy rights and provide them with clearly written forms outlining this information. Also, training staff is a good idea. If HIPAA violations did occur, it is important to confer with legal counsel and be held accountable for the situation.
"Everyone thinks everyone else is responsible," Pablo Molina, associate vice president of information technology at Georgetown University, said at a health privacy summit. "It's called 'the problem of many hands.' Accountability needs to run across the board to everyone involved."