Privacy and security are critical success factors in the movement toward electronic health (EHR) adoption. Protecting consumer information is on the national agenda for the 21st century through continued legislative and regulatory changes, and governmental and private initiatives.
Health & Human Services reports that since the HIPAA privacy rule was implemented in 2003, there have been more than 48,000 complaints filed. Most frequent issues investigated are: impermissible uses and disclosures of protected health information (PHI); lack of safeguards for PHI; and lack of patient access to their PHI.
The most common types of covered entities required to take corrective action are (in order of frequency): private practices, general hospitals, and outpatient facilities. All health care workers need to do their part to:
- access confidential information only on your own patients as needed to treat them;
- protect your computer passwords; this is the audit trail for inappropriate use;
- treat patient information the way you would want your own information treated;
- curb human nature for curiosity/sharing to maintain your patient’s trust with the system;
- remind others of their responsibilities.
Privacy and security are everyone’s responsibility.