Common Mistakes in Protecting Patient Data: How Do Providers Safeguard Themselves?
Protecting patient data (PHI) is a legal and ethical concern for many providers when collecting and storing private information. But a recent article indicates that mistakes happen more often than most providers would like, and that some mistakes are made frequently. First, encrypting data is a step that can get overlooked. The guidelines are clear about keeping patient information confidential and requiring patients to sign consent forms in order to share that information with others. Less familiar might be the HIPAA Security Rule, which defines the precautions needed to keep patient records from falling into the wrong hands. Physicians are required to encrypt PHI both while it’s “at rest” (i.e., on a computer, smartphone, or flash drive) and while it’s being transmitted by email, fax, or any other method.
Other mistakes that providers make include clicking on links in emails or phishing scams and creating easily hackable passwords. The author suggests adding a unique character to passwords to make them less identifiable. Other pitfalls mentioned in the article are failing to keep software updated, since updates are when security patches are rolled out, and using computers and smartphones in places where Wi-Fi is not secured. The author points out that these mistakes can be costly not only because of fines and legal fees, but also because a breach costs a practice its patients’ trust.
Byline: Martha L. Sikes, MS, RPh, PA-C
Source: 4 Big Mistakes Doctors Make in Protecting Patient Data | Medscape. Jun 29, 2016
Adapted from the original article.
[Image: Pixabay / Geralt]