From our partners at Software Advice comes this nice summary of the recent history of HIPAA violations and breaches. Physicians looking at EMR systems are concerned about the the security of patient records, particularly those systems that reside on the ‘cloud’ – basically, this is when the data is stored remotely from where the practice or hospital is.
But as Michael Koploy points out, the recent well-documented instances of HIPAA violations were due to security breaches involving stolen computers or hard drives, or employee misconduct, not anarchists hacking into medical databases.
The truth is that security breaches involving paper charts are much easier and more likely than electronic breaches (imagine the cleaning staff walking into your unsecured paper records room). This is why it’s safer to use a debit card at the supermarket – it is much easier for someone to rip you off using the information printed on your paper check. It just so happens that the emergence of electronic medical records systems is coinciding with tougher new regulations that have more of a ‘bite’ than previous legislation.
So, most cases of breaches have more to do with people you know than someone anonymous. And with a little proper planning and continual training of staff, your practice can hopefully keep its name off the HHS wall of shame.