As we move more and more to a tech-centric society, the world of data security and privacy becomes increasingly complicated. With muddied laws and handling of patient data the healthcare industry is working through this complex web and continuous challenges that come along with technology.
Elizabeth Litten, HIPAA privacy and security officer at Fox Rothschild, said, “the need to de-identify data has become a concern in healthcare.” She went on to say that, “removing required patient identifiers is sometimes necessary.”
HIPAA is a United States law that was designed to provide privacy standards to protect healthcare patients’ medical records and other sensitive health information that is provided and shared with healthcare plans, hospitals/care providers, and doctors.
So what exactly is covered by HIPPA?
Litten explained, "If you're using an app because your doctor arranged for it, and there's some communication with your doctor, then it's subject to HIPAA. But if you download something from Apple or Amazon, that's not subject to HIPAA. I think it's understandable that there's a lot of confusion about that.”
Often patients have no idea what their data is being used for, so as a society, not just in healthcare, we need to be better about providing clear understanding of what is happening with a person’s data, and we as users need to be better about taking the time and reading through disclosure verbiage rather than just clicking the ‘I agree to the terms’ button.
Understanding how our data is being used and protected is one concern, but who can gain access to our data is another, and as long as there is sensitive data out there, malicious individuals are going to attempt to gain access to it.
Healthcare, like many other industries, is struggling to stay ahead of data breaches. Recently we’ve seen Target, Capitol One, and high-ranking healthcare institutions become victims of data breaches.
One way organizations can stay one step ahead of these hackers, according to Litten, “is to constantly be training staff members and paying attention to the trends. It's also effective to have system segregation in place so information doesn't spread easily from one pocket to another. One way to think of it is as security housekeeping: Know where the data is, know how it fits, and don't hold onto data in perpetuity if nothing is being done about it. Failure to do so puts a bullseye on organizations’ backs.”
Organizations need to find a balance with access requests, because while they want data to be as secure as possible, you don’t want to hinder care by placing too many roadblocks to accessing a particular patient’s data.
Here at Extract, we believe that patient privacy and care are of utmost importance. We’ve created a platform that makes it faster and easier for providers to treat and care for its patients and produce better health outcomes, securely! Reach out today to learn more.
About the Author: Taylor Genter
Taylor is the Marketing Specialist at Extract with experience in data analytics, graphic design, and both digital and social media marketing. She earned her Bachelor of Business Administration degree in Marketing at the University of Wisconsin- Whitewater. Taylor enjoys analyzing people’s behaviors and attitudes to find out what motivates them, and then curating better ways to communicate with them.