I don’t think that many people give much thought to where their personal, protected health information resides and how it is used. I think this should change.
Wilmington, NC (PRWEB) July 08, 2014
Author, and healthcare data privacy and security expert Bernard Peter Robichau has issued a challenge to the healthcare establishment in his new book, Healthcare Information Privacy and Security: Regulatory Compliance and Data Security in the Age of Electronic Health Records. As massive amounts of patient data makes its way from paper charts into databases across the country, healthcare systems and physician practices should be working hard to assure that this highly sensitive information is protected and secured.
“The last year has been a huge wake up call for the general public in regards to data privacy. The NSA is now a household name. I don’t think that many people give much thought to where their personal, protected health information resides and how it is used. I think this should change,” said Robichau.
The book outlines the new healthcare regime, ushered into place by the HITECH Act, which was part of the landmark 2009 American Recovery and Reinvestment Act. These key pieces of legislation promoted the adoption of new technologies that would digitize patient health data.
“The government did a great job incentivizing the transition of sensitive health data from paper to databases. What the federal government has not done well in the past is enforcing laws requiring privacy and security related to patient data, and healthcare providers know this,” said Robichau. “Some organizations are simply willing to let lax practices exist because the risk of being caught is low.”
While there still are not adequate enforcement mechanisms in place, the tide might be turning. On May 7, 2014, the Department of Health and Human Services fired a warning shot across the bow when it issued a press release related to fines levied against New York-Presbyterian Hospital totaling $4.8 Million, all because of poor patient privacy practices related to their poor management of technology.
This is the largest such fine to date, and it sends a clear message to healthcare executives across the country. Get your privacy and security house in order.
Robichau points out that his book leads the healthcare professional, whether management or technical staff, through the process of building a secure medical record system, assuring that patient data remains private, as it should be. “Patients have a right to know that their private data is being held securely, and healthcare systems should consider this responsibility as basic as providing a paycheck to employees or keeping the lights on.”
As Dr. Michael Sanders, Chief Medical Information Officer at Flagler Hospital in St. Augustine Florida says in the foreword to the book, “What Peter Robichau has given you in this marvelous book is not only a great plan for the organization of EMR security, but also a mindset to approach the data and its care. Follow its principles, and your organization will sleep well at night. Ignore some steps, and your organization and your organization risks great peril and embarrassment, as well as financial punishment.”
In addition to the book, Robichau has released a companion “Privacy and Security Campaign Kit,” which consists of a short eBook, and high quality, digital downloads of 10 privacy and security campaign posters that can be used to train users to abide by common privacy and security practices in a healthcare setting.
“If you have done everything else right, but have not educated your staff, then you will have lost!” says Sanders.
The book, published by Apress Media, was released on Wednesday, June 25, and can be purchased at your local bookseller or online at any major retailer. The companion eBook and “Campaign Kit” is available at robichau.com. For more information on healthcare privacy and security, visit http://www.himfosec.com, and for more information about the author, visit his website at http://www.robichau.com.