Doctors conversing

Healthcare pros: Are you protecting your patients’ personal information?

Summary

5 key questions to ask your organization to protect PPI.

Read time: 3 minutes

Clean ER – check. Security systems – check. Surveillance cameras – check. You’ve gone above and beyond to make sure your hospital is safe and sound, but are you forgetting to protect the most valuable asset within your organization? What about the personally identifiable information of your patients and employees?

Your hospital circulates patients’ personal information daily, including valuable information like Social Security numbers, billing information, birthdates, medical history and many more private details that would be disastrous if they fell into the wrong hands. Have you taken the appropriate steps to proactively let your patients and employees know that you are doing everything you can to protect them from threats like data breaches and hackers?

Why not take a minute to review some key questions you should be asking of your facility, your technologies and your administration? The five minutes it might take to review these brief questions could mean the difference between relaxing after work or spending late nights in the office, pining over what you could have done differently to avoid a data breach.

Key questions you should be asking:

  • Are all workstations, including printers and multifunction devices used by clinical personnel, “locked down” with respect to securing personal health information (PHI) against unauthorized access?

  • Are my system’s encryption and decryption capabilities as strong as they could be? Do they make use of the cloud for PHI transmission and storage?

  • Does my facility require contractors with access to our data systems to complete Data Access Agreements?

  • Am I conducting and documenting a thorough and comprehensive risk assessment of my data management systems and processes every year, as required under HIPAA regulations? Does that assessment include actual simulated hacking attempts and hypothetical real-life scenarios?

  • Am I providing my staff with efficient technology and an environment that is set up for success based on their individual needs and work styles?

​90% of healthcare organizations reported they have had at least one data breach over the past two years.

Were you unsure of the answer to any of these questions? Or maybe you already knew that the response was “no?” If so, then you are not alone. According to a survey of health care providers published last year by the Ponemon Institute, about 90% of healthcare organizations reported they have had at least one data breach over the last two years. With the rise in cyber-attacks, it is more important than ever that you do all you can to make sure that data flows throughout your hospital securely.

Use the above list of questions to analyze the areas in your data management system that might be in need of some extra attention and improvements. After all, patients and employees have entrusted you with their most valuable asset – their personal information.

6 best practices to improve healthcare data security

Get the tips you need to improve PHI privacy and security with this whitepaper from Ricoh. 

Recommended for you

Defining Hacking & 11 Essential Hacking Terms
Defining Hacking & 11 Essential Hacking Terms

Defining Hacking & 11 Essential Hacking Terms

Get to know the basics of hacking with our guide to 11 key hacking terms. Uncover the vocabulary and concepts that make up the world of cybersecurity.

How a hospital used digital automation to streamline process
How a hospital used digital automation to streamline process

How a hospital used digital automation to streamline process

See how one hospital used digital automation to streamline its information management process to ensure patients received the correct pharmacy medications.

Information governance solutions
Information governance solutions

Information governance solutions

Information governance services, including policies and procedures, help you ensure data is managed, secured, shared and measured effectively.