Creating a Culture of HIPAA Privacy and Security

Meredith Phillips knows her away around HIPAA/HITECH privacy and security.  As Chief Privacy Officer of Henry Ford Health Systems she has been in the trenches of data breach response.  After having a rough experience going it alone, Mrs. Phillips decided to turn to expert help.  When it was all said in done, Meredith created a unique privacy program that has become a part of the HFHS culture.

“Phillips knew she needed to change the culture. “I realized that I am the culture shifter. I am the human factor. We had the right words on paper. The challenge was for me to convince people that their actions need to match the words on paper. How could we help our workforce members create this as one of their core competencies? Not an afterthought but something that’s always in mind as they work with patients.”

She remembered hearing in a compliance seminar years earlier that the problem with most compliance programs is that they do not brand. “People have so much information pushed at them in the workplace that they tune out. Branding is how you get mindshare. People notice Apple because they see the apple. People know to “Just do it!” when they see the Nike swoosh.” So she asked herself, “How can I brand this program so that people pay attention?”

At the same time Phillips identified the need for a culture shift, Henry Ford hired a new CIO who had experience with privacy programs in previous roles. Phillips’ organization moved under the CIO, bringing the formerly siloed privacy and security functions under one roof. She says the alignment was a critical step towards creating effective programs. With the CIO’s support, Phillips engaged the internal marketing and PR departments to create a brand around privacy with the goal of creating a “culture of confidentiality” throughout the organization’s hospitals, clinics, pharmacies, and other operations. “I wanted to show that privacy is not just compliance, it is good business. It’s not secondary to the care process, it’s part of the care process.”

You can read the full article here – Got Privacy? — Creating a Culture of Confidentiality

About Data Breach Watch Administrator

, , , , , ,

No comments yet.

Leave a Reply