Employees Compromise EHRs – How Can Hospitals Protect Patient Data?

Employees Compromise EHRs – How Can Hospitals Protect Patient Data?

Aug 25, 2020, 5:26:33 AM Tech and Science

As harsh as it may sound, employees getting fired for accessing medical records without any malicious intent is very common. More than 4.5 million records were compromised in unauthorized access or disclosure incidents caused by employee errors, negligence, and acts by malicious insiders in 2019, according to the HIPAA data breach statistics report. Thus, providers need to find out strategies to protect patient data better. 

In 2019 Northwestern hospital dismissed nearly 50 employees for accessing a celebrity’s medical record without consent. Recently mentioned in another similar series of unfortunate events is the Hawaii Pacific Health in Honolulu.  

Hawaii Pacific Health discovered that an employee had erroneously accessed patients’ medical records. As a result, 3772 patients’ records may have been compromised, according to the HHS Office for Civil Rights data breach portal. The employee who worked at Straub Medical Center was later terminated. The organization believes that the employee only acted out of curiosity and did not intend to embezzle their identities. 

Consequences associated with compromised medical records

Medical records that may have been compromised include name, addresses, phone numbers, email addresses, dates of birth, religion, race/ethnicity, Social Security numbers, medical record numbers, primary care providers, dates of services, appointment notes, hospital account numbers, department names, provider names, account numbers, and health plan names.  

Nevertheless, accidental disclosure of sensitive personal information may lead to severe consequences, and lead to medical identity theft or even worse. If it falls into the wrong hands, this information can be used for theft or personal gains. The culprit may also fraudulently obtain medical benefits or sell this information to third parties, who may then misuse them.  

Healthcare organizations plagued by patient data breaches have had a sustained impact. Patient-trust is the driving force for effective and quality clinical practice. When an incident similar to Hawaii Pacific Health occurs, it will cause financial and reputational losses to medical service providers. On the bright side, Hawaii Pacific Health will provide the affected patients with free credit monitoring and identity restoration services for one full year. However, as data breaches make hospitals more vulnerable to identity theft, hospitals will again face an increasing administrative burden.

What can the healthcare providers do to protect patient data?

Currently, Hawaii Pacific Health is looking for alternatives and is willing to invest in technology. Technology can help prevent repercussions, such as medical identity theft. Nonetheless, compromised data can be easily safeguarded with a biometric patient identification platform that prevents unauthorized access. 

RightPatient – Biometric Patient Identification Platform

RightPatient has been serving several healthcare providers and medical institutions to avert repercussions like illegal access to patient data, and ultimately preventing medical identity theft. RightPatient is the most advanced biometric patient identification platform that can protect patient data by preventing inappropriate access to patient medical records.

Published by Salman Rashid

Reply heres...

Login / Sign up for adding comments.