Healthcare organizations arguably hold the most personal and sensitive information that we possess. While HIPAA has provided for protection of the privacy of this information for a number of years, there appears to have been little in the way of enforcement of HIPAA during this period. With the passage of the HITECH Act, this is likely to change.
With fines now authorized for up to $1.5 million for data breach incidents, there is even more reason for hospitals, clinics, pharmaceutical and life sciences companies, and health insurers to evaluate whether they are using best practices for protecting patient privacy.
A recently published article titled “Staying HITECH-Healthy: How Healthcare Can Protect Patient Privacy” is instructive in terms of how to reduce risks while ensuring effective preparation for data breach incidents. It also outlines how organizations can treat a data breach incident as an “opportunity” to do the right thing and potentially find the silver lining in such situations by providing a caring, helpful hand to their patients.
Most of us have a choice as to where we receive our healthcare. How organizations handle, respond to, communicate with and help us with the loss of our patient data, when it occurs, can significantly effect our desire to continue to receive medical services from that institution.