AMDIS Connection | Protecting Privacy Without Harming Patients

Since the 2003 HIPAA Privacy Rule came into being, protection of patient privacy has become “table stakes.” 

Privacy laws keep growing stricter and more encompassing. Where HIPAA held covered entities accountable through (initially nonexistent) government audits, HITECH and other laws target organizations, individual practitioners and business associates, and have expanded the posse to include private party lawsuits, licensing boards, attorneys general and the media (through mandated press releases and “wall of shame” websites). 

A useful way to think about privacy risks is as two types: internal, temptation-driven snooping; and external attacks and theft.

External breaches tend to be large and damaging. To prevent them, define threats and apply effective countermeasures in ways that don’t interfere with patient care. Defensive layers such as firewalls, antivirus software, encryption, vulnerability scanning and commissioned (“white hat”) hacking need to be implemented and regularly assessed. Consider making exceptions for biomedical devices, care collaboration emails and release of information to patients to avoid interference with care delivery.

Password policies should allow providers rapid access to critical systems while thwarting external attackers. For example, routine password expiration stymies providers without blocking malefactors, who still have plenty of time to use a stolen password before the next expiration date.

Internal breaches tend to be individually small, but create a corrosive culture of mistrust within an organization. Prevention of snooping by insiders requires recognition that these are usually impulsive acts of temporary temptation. The key is to deter people from acting on their impulses, not to create a maze of access walls, since it is not possible to predict who will next need to access a patient’s information; and the sicker the patient, the less predictable and more critical the access needs.

Two tools, used in combination, are extremely effective at deterring snooping without interfering with care. The first, forensic data mining (system activity review in the HIPAA Security Rule), extracts privacy breach “needles” from the haystack of audit log entries. Investigating these findings and communicating about this approach leads to culture change and self-deterrence from snooping. 

The second tool, “Break the Glass” (BTG) alerts, allows tempted users to reconsider and back out, while still giving everyone who needs it access to the patient’s chart. To avoid alert fatigue, BTG should be reserved for patients at high risk of privacy violation, and should be suppressed as much as possible when access is likely to be legitimate.
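The two tools above share one question: does this user have a treatment relationship with this patient at the time of access? The following is an added example, not code from the column or from any EHR vendor, showing how that single check drives both forensic audit-log review (the “needle” finder) and BTG suppression. The log entries, encounters, care-team membership, the high-risk patient list and the 48-hour grace window after discharge are all constructed assumptions for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class AccessEvent:
    """One audit-log row: who opened which chart, when, and what they did."""
    ts: datetime
    user: str
    patient: str
    action: str


@dataclass(frozen=True)
class Encounter:
    """A care episode; anyone on care_team is presumed to have a legitimate need."""
    patient: str
    start: datetime
    end: datetime
    care_team: frozenset


# Constructed sample data (hypothetical users and patient identifiers).
ENCOUNTERS = [
    Encounter("P100", datetime(2024, 3, 1, 8), datetime(2024, 3, 3, 12),
              frozenset({"dr_lee", "rn_kim"})),
    Encounter("P200", datetime(2024, 3, 2, 9), datetime(2024, 3, 2, 17),
              frozenset({"dr_ng"})),
]

# Patients flagged for BTG (e.g. an employee or a public figure); constructed label.
HIGH_RISK_PATIENTS = {"P200"}

# Constructed audit log. The last row is a care-team member looking back in
# well after discharge, which is the kind of access a reviewer would question.
ACCESS_LOG = [
    AccessEvent(datetime(2024, 3, 2, 10), "dr_lee", "P100", "view_chart"),
    AccessEvent(datetime(2024, 3, 2, 11), "rn_kim", "P100", "view_notes"),
    AccessEvent(datetime(2024, 3, 2, 12), "dr_ng", "P200", "view_chart"),
    AccessEvent(datetime(2024, 3, 2, 13), "clerk_01", "P200", "view_chart"),
    AccessEvent(datetime(2024, 3, 5, 14), "rn_kim", "P100", "view_chart"),
]

# Assumed grace window: follow-up charting shortly before/after an encounter is normal.
GRACE = timedelta(hours=48)


def has_treatment_relationship(user, patient, ts, encounters=ENCOUNTERS, grace=GRACE):
    """True if the user was on a care team for this patient around the access time."""
    for enc in encounters:
        if enc.patient != patient or user not in enc.care_team:
            continue
        if enc.start - grace <= ts <= enc.end + grace:
            return True
    return False


def find_needles(log=ACCESS_LOG, encounters=ENCOUNTERS):
    """Forensic data mining: accesses with no treatment relationship, for human review.

    Returns the events as (user, patient, action, iso-timestamp) tuples so the
    output can be handed to a privacy officer without the raw objects."""
    needles = []
    for ev in log:
        if not has_treatment_relationship(ev.user, ev.patient, ev.ts, encounters):
            needles.append((ev.user, ev.patient, ev.action, ev.ts.isoformat()))
    return needles


def needs_break_the_glass(user, patient, ts, encounters=ENCOUNTERS,
                          high_risk=HIGH_RISK_PATIENTS):
    """BTG policy: prompt only for high-risk patients, and suppress the prompt
    whenever the user already has a treatment relationship (likely legitimate).
    The prompt never blocks access; it only asks the user to confirm."""
    if patient not in high_risk:
        return False
    return not has_treatment_relationship(user, patient, ts, encounters)


def btg_decisions(log=ACCESS_LOG):
    """Replay the log through the BTG rule; returns (user, patient, prompted)."""
    return [(ev.user, ev.patient, needs_break_the_glass(ev.user, ev.patient, ev.ts))
            for ev in log]


if __name__ == "__main__":
    print("Accesses to investigate:")
    for row in find_needles():
        print("  ", row)
    print("BTG prompts that would have fired:")
    for user, patient, prompted in btg_decisions():
        if prompted:
            print("  ", user, patient)
```

On the constructed log, the needle finder surfaces two rows (the clerk opening a high-risk chart and the nurse returning to a chart days after discharge), and the BTG rule fires only for the clerk: the treating physician on the same high-risk patient is suppressed, which is the alert-fatigue point the column makes. In practice the encounter table is the hard part; the quality of this review is bounded by how completely the organization records who is on a patient’s care team.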

The goal is for clinicians and staff to keep their careers, have full access to the information of every patient they care for and to create a culture of privacy safety.

Keeping the twin goals of care quality and patient privacy in mind will allow provider organizations to thrive in the 21st century. 
