Events Calendar

Today
Mon
Tue
Wed
Thu
Fri
Sat
Sun
M
T
W
T
F
S
S
28
29
30
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
1
C.D. Howe Institute Roundtable Luncheon
C.D. Howe Institute Roundtable Luncheon
2014-04-28    
12:00 pm - 1:30 pm
C.D. Howe Institute
Navigating the Healthcare System: The Patient’s Perspective Please join us for this Roundtable Luncheon at the C.D. Howe Institute with Richard Alvarez, Chief Executive Officer, [...]
More Info
DoD / VA EHR and HIT Summit
DoD / VA EHR and HIT Summit
2014-05-06    
All Day
The Mary M. Gates Learning Center
DSI announces the 6th iteration of our DoD/VA iEHR & HIE Summit, now titled “DoD/VA EHR & HIT Summit”. This slight change in title is to help [...]
More Info
Electronic Medical Records: A Conversation
Electronic Medical Records: A Conversation
2014-05-09    
1:00 pm - 3:30 pm
H.F. DeLuca Forum, Wisconsin Institutes for Discovery
WID, the Holtz Center for Science & Technology Studies and the UW–Madison Office of University Relations are offering a free public dialogue exploring electronic medical records (EMRs), a rapidly disseminating technology [...]
More Info
The National Conference on Managing Electronic Records (MER) - 2014
The National Conference on Managing Electronic Records (MER) - 2014
2014-05-19    
All Day
THE WESTIN MICHIGAN AVE (Headquarter Hotel)
" OUTSTANDING QUALITY – Every year, for over 10 years, 98% of the MER’s attendees said they would recommend the MER! RENOWNED SPEAKERS – delivering timely, accurate information as well as an abundance of practical ideas. 27 SESSIONS AND 11 TOPIC-FOCUSED THEMES – addressing your organization’s needs. FULL RANGE OF TOPICS – with sessions focusing on “getting started”, “how to”, and “cutting-edge”, to “thought leadership”. INCISIVE CASE STUDIES – from those responsible for significant implementations and integrations, learn how they overcame problems and achieved success. GREAT NETWORKING – by interacting with peer professionals, renowned authorities, and leading solution providers, you can fast-track solving your organization’s problems. 22 PREMIER EXHIBITORS – in productive 1:1 private meetings, learn how the MER 2014 exhibitors are able to address your organization’s problems. "
More Info
Chicago 2014 National Conference for Medical Office Professionals
Chicago 2014 National Conference for Medical Office Professionals
2014-05-21    
12:00 am
Sheraton Chicago Hotel & Towers
3 Full Days of Training Focused on Optimizing Medical Office Staff Productivity, Profitability and Compliance at the Sheraton Chicago Hotel & Towers Featuring Keynote Presentation [...]
More Info
Events on 2014-04-28
C.D. Howe Institute Roundtable Luncheon
C.D. Howe Institute Roundtable Luncheon
28 Apr 14
Toronto
Events on 2014-05-06
DoD / VA EHR and HIT Summit
DoD / VA EHR and HIT Summit
6 May 14
Alexandria
Events on 2014-05-09
Electronic Medical Records: A Conversation
Electronic Medical Records: A Conversation
9 May 14
Orchard
Events on 2014-05-19
The National Conference on Managing Electronic Records (MER) - 2014
The National Conference on Managing Electronic Records (MER) - 2014
19 May 14
Chicago
Events on 2014-05-21
Chicago 2014 National Conference for Medical Office Professionals
Chicago 2014 National Conference for Medical Office Professionals
21 May 14
Chicago
Articles

Best Practices for Protecting Patient Data

November 11, 2020
cloud computing in healthcare

Best Practices for Protecting Patient Data

Data is vital to health care systems. It gives providers the information they need to care for patients. Because health care workers are entrusted with such sensitive and personal information, it is important to take steps to protect it. Records must be safeguarded as they are entered into computer systems, received from other providers and released to outside sources.

As a provider, you likely understand the challenges in keeping health information private. Here are a few steps to take that can help protect sensitive data.

Protect Records From Outside Threats

In health care systems, cybersecurity is vital. It helps keep patient information from being compromised by outside sources.

What is cybersecurity? Essentially, it is the act of defending data from outside attacks. Information breaches can take many forms, but some of the most common are:

  1. Phishing attacks: Criminals attempt to get sensitive information through communication that looks legitimate, such as emails designed to appear that they are from a company you trust.
  2. Malware: This is software designed to damage a computer or the data it contains.
  3. Ransomware: As the name suggests, a system is compromised and data is withheld until the victim pays the criminal for its release.

Computer intrusion can threaten any business, but it prevails in the healthcare industry. In addition to computer systems, medical devices such as ventilators, CT scanners, dialysis machines and infusion pumps can also be reached by attackers.

Cybersecurity can be improved in health care systems by creating a security culture among staff, using a firewall, keeping anti-virus software up to date, using strong passwords and changing them regularly and limiting data access to personnel on an as-needed basis.

Enforce and Maintain HIPAA Compliance

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides specific rules for the protection of medical information. Healthcare providers must comply with these rules. Providers and staff need to complete training and take refresher courses every two years.

Enforcing HIPAA compliance will help protect patient data. There are many options for HIPAA training and providers can choose what type of courses suit the needs of their organization.

Communicate With Health Care Partners

To the extent possible, health care providers can reach out to partners to understand their security policies. Helpful information may include who has access to patient data, when and where it will be sent and how it will be transmitted. Health care partners can be allies as you strive to protect patients’ sensitive information.

Use a Secure Email Service

Attackers can intercept your emails and read them without permission. In fact, email is one of the most common ways to breach data. It is one reason, for example, that banks and credit card companies do not send statements to their customers via email. Email systems that encrypt transmission will help secure communication between patients and providers. Health care providers can choose services that provide end-to-end encryption, which is HIPAA compliant. Once a secure email system is in place, staff may need to be trained in keeping email secure.
Emails sent behind a firewall do not need to be encrypted, but those sent beyond the firewall will need encryption.

Teach Staff to Keep Information Private

Outside of the computer system, data still has a chance to be compromised verbally or through printed documents. Staff can be educated on ways to protect patients’ privacy by:

  •  Holding sensitive conversations behind closed doors.
  • Removing information from printers, copiers and fax machines as soon as possible.
  •  Keeping patient information away from places unauthorized staff or patients may see it, such as counters or desktops.
  •  Storing personal information in a locked drawer or cabinet.
  •  Protecting computer monitors from being viewed by unauthorized people.
  •  Shredding documents that are no longer needed.

Protecting data that is shared verbally or on paper is as important as safeguarding cyber data.

Patients trust their health care providers to keep sensitive information protected. It requires vigilance, but taking measures to safeguard patient records keeps you in compliance and earns your patients’ trust.

Post Views: 783
Tags