Although incidents of patient privacy breach have been sporadic, the episode reported in a recent New York Times article (September 8th, 2011) shows how severe they can be: Stanford Hospital and Clinics was quoted as saying that a spreadsheet of patient medical information, including names and diagnoses of more than 20,000 emergency room patients, was accidentally posted to a website and remained posted for more than a year. Most hospitals, clinics, and physician practices have a secure system in place to safeguard the privacy of patient information, yet technology vulnerability, along with human negligence, remains a major impediment to shielding patient privacy from undesirable proliferation.
Technology Vulnerability has many faces
Human Negligence
Irrespective of whether the violation is technical or human, HIPAA has a very strict regimen in place, which authorizes both criminal penalties and monetary penalties (amended from $250,000 to $1.5 million through the recent HITECH Act) against the violating institution and individuals.
Apart from the negative repercussions on the patients concerned, any breach in confidentiality – even one that seems minor – can spread mistrust and affect your credibility in the medical fraternity. Therefore, physicians/hospitals/multispecialty groups have a greater responsibility not only to safeguard their patients’ confidentiality, but also to keep their credibility unblemished. Alternatively, if constrained by limited resources, they can apprise their patients of the limitations of their patient privacy practice, to avoid facing embarrassment subsequently.
Although HIPAA authorizes covered entities, under certain exceptional circumstances, to release protected health information without authorization only to facilitate treatment, payment or health care operations, physicians are usually prohibited from disseminating patient-centric information that can have emotional, personal, social, financial, and ethical repercussions. Thus, the onus is substantially on the physicians/clinics/hospitals/multispecialty groups to safeguard their patients’ confidentiality.
Given the history of unimpressive success rates from internally implemented patient privacy regimes, it is advisable that physicians consult proven sources that have competencies in installing a secure technology interface and properly orienting your staff to the requisite operations. This is likely to result in best practices in patient privacy as mandated by HIPAA, and to make the transition to the ensuing HIPAA 5010 easier.
The readily available sources for implementing security-rich technology platforms should not only make your search easier but also ensure Patient Privacy Compliance by safeguarding critical information against undesirable proliferation, and sharing information only at the behest of patients.
Medicalbillersandcoders.com has a unique approach – a combination of implementing security-rich technology platforms with prior orientation of your in-house staff on operational and administrative issues – that can mitigate the probability of embarrassment emanating from an undesirable breach of patient privacy.