How much is your information worth? How much is your SSN worth? How much is your medical ID number worth? These are the type of questions the PHI Protection Network is helping organizations answer because if you don’t know the value of your assets, how can you make the proper investment to protect them. Computers, desk, equipment are very easy to value but data, records, and information are a different beast.
How do you quantify the value of PHI?
Dick Wolfe, a professor of health care administration at Washington Adventist University, said that many privacy professionals struggle to get sufficient money, time, people, and other resources because the financial impact of PHI protection programs is not always clear.
“A successful PHI privacy effort can safeguard an organization’s financial resources against fines and court judgments, protect its reputation as a trusted member of the professional community, protect the career prospects and reputations of individual staff, and earn the respect of accrediting and compliance agencies,” Wolf said. “The task for privacy advocates is to make a strong case to managers that funding effective PHI protection is the right and smart thing to do.”
Once board-level executives understand the value of PHI to their organization, they can make the appropriate level of investment to protect it. Indeed, patient information needs to be as secure as the drug cabinet. You just don’t give people the key and let them have access to it.
As a healthcare privacy officer, knowing the value of PHI gives you more power or leverage to go to the higher ups and ask for the appropriate budget to protect that information. An ounce of HIPAA privacy prevention is worth a pound of healthcare data breach response. In other words, one is cheaper than the other!
You can read the whole article here: What is your PHI worth?