Employees Can Compromise Medical Records – How Can Hospitals Protect Patient Data?
As harsh as it may sound, employees getting fired for accessing medical records without any malicious intent is very common. More than 4.5 million records were compromised in unauthorized access or disclosure incidents caused by employee errors, negligence, and acts by malicious insiders in 2019, according to the HIPAA data breach statistics report. Thus, providers need to find out strategies to protect patient data better.
In 2019 Northwestern hospital dismissed nearly 50 employees for accessing a celebrity’s medical record without consent. Recently mentioned in another similar series of unfortunate events is the Hawaii Pacific Health in Honolulu.
Hawaii Pacific Health discovered that an employee had erroneously accessed patients’ medical records. As a result, 3772 patients’ records may have been compromised, according to the HHS Office for Civil Rights data breach portal. The employee who worked at Straub Medical Center was later terminated. The organization believes that the employee only acted out of curiosity and did not intend to embezzle their identities.
Consequences associated with compromised medical records
Medical records that may have been compromised include name, addresses, phone numbers, email addresses, dates of birth, religion, race/ethnicity, Social Security numbers, medical record numbers, primary care providers, dates of services, appointment notes, hospital account numbers, department names, provider names, account numbers, and health plan names.
Nevertheless, accidental disclosure of sensitive personal information may lead to severe consequences, and lead to medical identity theft or even worse. If it falls into the wrong hands, this information can be used for theft or personal gains. The culprit may also fraudulently obtain medical benefits or sell this information to third parties, who may then misuse them.
Healthcare organizations plagued by patient data breaches have had a sustained impact. Patient-trust is the driving force for effective and quality clinical practice. When an incident similar to Hawaii Pacific Health occurs, it will cause financial and reputational losses to medical service providers. On the bright side, Hawaii Pacific Health will provide the affected patients with free credit monitoring and identity restoration services for one full year. However, as data breaches make hospitals more vulnerable to identity theft, hospitals will again face an increasing administrative burden.
What can the healthcare providers do to protect patient data?
Currently, Hawaii Pacific Health is looking for alternatives and is willing to invest in technology. Technology can help prevent repercussions, such as medical identity theft. Nonetheless, compromised data can be easily safeguarded with a biometric patient identification platform that prevents unauthorized access.
RightPatient – Biometric Patient Identification Platform
RightPatient has been serving several healthcare providers and medical institutions to avert repercussions like illegal access to patient data, and ultimately preventing medical identity theft. RightPatient is the most advanced biometric patient identification platform that can protect patient data by preventing inappropriate access to patient medical records.
How does it work?
During registration, patients will need to provide their biometric information (facial photos, irises, fingerprints) to the hospital. With the help of biometric encryption technology, patients’ medical data will be kept locked and secured. The next time patients come to receive medical services, all they need to do is look at the camera or perform a fingerprint scan to unlock their data in seconds. This technology automatically prevents illegal access to medical records, as to access the data, you will need the patient’s authentication.
When all is said and done
There is no doubt that the patient’s medical record should be kept confidential, but the crux of the matter is human errors are inevitable. Hospitals should be aware and willing to invest in technologies that can prevent more damage and open the door to more opportunities for quality health service.