Events Calendar

Today
Mon
Tue
Wed
Thu
Fri
Sat
Sun
M
T
W
T
F
S
S
29
30
31
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
1
The International Meeting for Simulation in Healthcare
The International Meeting for Simulation in Healthcare
2015-01-10 - 2015-01-14    
All Day
Ernest N. Morial Convention Center
Registration is Open! Please join us on January 10-14, 2015 for our fifteenth annual IMSH at the Ernest N. Morial Convention Center in New Orleans, Louisiana. Over [...]
More Info
Finding Time for HIPAA Amid Deafening Administrative Noise
Finding Time for HIPAA Amid Deafening Administrative Noise
2015-01-14    
1:00 pm - 3:00 pm
Online
January 14, 2015, Web Conference 12pm CST | 1pm EST | 11am MT | 10am PST | 9am AKST | 8am HAST Main points covered: [...]
More Info
Meaningful Use Attestation, Audits and Appeals - A Legal Perspective
Meaningful Use Attestation, Audits and Appeals - A Legal Perspective
2015-01-15    
2:00 pm - 3:30 pm
Online
Join Jim Tate, HITECH Answers  and attorney Matt R. Fisher for our first webinar event in the New Year.   Target audience for this webinar: [...]
More Info
iHT2 Health IT Summit
iHT2 Health IT Summit
2015-01-20 - 2015-01-21    
All Day
Omni San Diego Hotel
iHT2 [eye-h-tee-squared]: 1. an awe-inspiring summit featuring some of the world.s best and brightest. 2. great food for thought that will leave you begging for more. 3. [...]
More Info
Chronic Care Management: How to Get Paid
Chronic Care Management: How to Get Paid
2015-01-22    
1:00 pm - 2:00 pm
Online
Under a new chronic care management program authorized by CMS and taking effect in 2015, you can bill for care that you are probably already [...]
More Info
Proper Management of Medicare/Medicaid Overpayments to Limit Risk of False Claims
Proper Management of Medicare/Medicaid Overpayments to Limit Risk of False Claims
2015-01-28    
1:00 pm - 3:00 pm
Online
January 28, 2015 Web Conference 12pm CST | 1pm EST | 11am MT | 10am PST | 9AM AKST | 8AM HAST Topics Covered: Identify [...]
More Info
Events on 2015-01-10
The International Meeting for Simulation in Healthcare
The International Meeting for Simulation in Healthcare
10 Jan 15
New Orleans
Events on 2015-01-14
Finding Time for HIPAA Amid Deafening Administrative Noise
Finding Time for HIPAA Amid Deafening Administrative Noise
14 Jan 15
Online
Events on 2015-01-15
Meaningful Use Attestation, Audits and Appeals - A Legal Perspective
Meaningful Use Attestation, Audits and Appeals - A Legal Perspective
15 Jan 15
Online
Events on 2015-01-20
iHT2 Health IT Summit
iHT2 Health IT Summit
20 Jan 15
San Diego
Events on 2015-01-22
Chronic Care Management: How to Get Paid
Chronic Care Management: How to Get Paid
22 Jan 15
Online
Events on 2015-01-28
Proper Management of Medicare/Medicaid Overpayments to Limit Risk of False Claims
Proper Management of Medicare/Medicaid Overpayments to Limit Risk of False Claims
28 Jan 15
Online
Articles

Best Practices for Protecting Patient Data

November 11, 2020
cloud computing in healthcare

Best Practices for Protecting Patient Data

Data is vital to health care systems. It gives providers the information they need to care for patients. Because health care workers are entrusted with such sensitive and personal information, it is important to take steps to protect it. Records must be safeguarded as they are entered into computer systems, received from other providers and released to outside sources.

As a provider, you likely understand the challenges in keeping health information private. Here are a few steps to take that can help protect sensitive data.

Protect Records From Outside Threats

In health care systems, cybersecurity is vital. It helps keep patient information from being compromised by outside sources.

What is cybersecurity? Essentially, it is the act of defending data from outside attacks. Information breaches can take many forms, but some of the most common are:

  1. Phishing attacks: Criminals attempt to get sensitive information through communication that looks legitimate, such as emails designed to appear that they are from a company you trust.
  2. Malware: This is software designed to damage a computer or the data it contains.
  3. Ransomware: As the name suggests, a system is compromised and data is withheld until the victim pays the criminal for its release.

Computer intrusion can threaten any business, but it prevails in the healthcare industry. In addition to computer systems, medical devices such as ventilators, CT scanners, dialysis machines and infusion pumps can also be reached by attackers.

Cybersecurity can be improved in health care systems by creating a security culture among staff, using a firewall, keeping anti-virus software up to date, using strong passwords and changing them regularly and limiting data access to personnel on an as-needed basis.

Enforce and Maintain HIPAA Compliance

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides specific rules for the protection of medical information. Healthcare providers must comply with these rules. Providers and staff need to complete training and take refresher courses every two years.

Enforcing HIPAA compliance will help protect patient data. There are many options for HIPAA training and providers can choose what type of courses suit the needs of their organization.

Communicate With Health Care Partners

To the extent possible, health care providers can reach out to partners to understand their security policies. Helpful information may include who has access to patient data, when and where it will be sent and how it will be transmitted. Health care partners can be allies as you strive to protect patients’ sensitive information.

Use a Secure Email Service

Attackers can intercept your emails and read them without permission. In fact, email is one of the most common ways to breach data. It is one reason, for example, that banks and credit card companies do not send statements to their customers via email. Email systems that encrypt transmission will help secure communication between patients and providers. Health care providers can choose services that provide end-to-end encryption, which is HIPAA compliant. Once a secure email system is in place, staff may need to be trained in keeping email secure.
Emails sent behind a firewall do not need to be encrypted, but those sent beyond the firewall will need encryption.

Teach Staff to Keep Information Private

Outside of the computer system, data still has a chance to be compromised verbally or through printed documents. Staff can be educated on ways to protect patients’ privacy by:

  •  Holding sensitive conversations behind closed doors.
  • Removing information from printers, copiers and fax machines as soon as possible.
  •  Keeping patient information away from places unauthorized staff or patients may see it, such as counters or desktops.
  •  Storing personal information in a locked drawer or cabinet.
  •  Protecting computer monitors from being viewed by unauthorized people.
  •  Shredding documents that are no longer needed.

Protecting data that is shared verbally or on paper is as important as safeguarding cyber data.

Patients trust their health care providers to keep sensitive information protected. It requires vigilance, but taking measures to safeguard patient records keeps you in compliance and earns your patients’ trust.

Post Views: 773
Tags