Health IT and Electronic Health Activate your FREE membership today |  Log-in
5 pts.
 Pre and post breach best practices…
What are the top 3-5 things my hospital staff can do now to protect ourselves from a breach and handle the expanded liability to BAs? What about best practices post-breach? Effective solutions used?
ASKED: March 10, 2010  6:03 PM
UPDATED: April 1, 2010  1:46 am

Answer Wiki:
There are two items to consider: 1. Don't let it happen in the first place. I may be stating the obvious here, but technology AND good practices can prevent security breaches. Protecting against privacy breaches is a little more tricky, as fully authorized users can commit privacy breaches under the rules. I elaborate on the topic in <a href="http://community.citrix.com/display/ocb/2010/03/02/HIPAA+and+HITECH+-+Made+Easier+with+Citrix">this article</a>: A good starting point on the latter topic is having an honest conversation with your staff. When I worked at a major health IT vendor in technical services, we had almost unlimited access to customer systems and data for the purpose of providing technical support. Because we had several local customers, this meant we also had access to our own health records and those of co-workers and friends. On day one of the new employee orientation, we were informed of a zero-tolerance policy when it came to looking at people's record without a good business reason, including our own. The words: "The day you look up your own record you will not only find out that you have cancer, but also that you've lost your job." still ring in my mind. Protecting against privacy breaches under the rule will require all organizations to establish firm policies and educate all clinical and technical staff about the impact of the regulation on their daily work. 2. If it does happen, you have to comply with the regulation and notify the affected patients and potentially the secretary of HHS. Do a post-breach analysis to find out exactly what happened and use this to educate your staff on how to prevent future breaches. Florian Becker twitter: <a href="http://twitter.com/florianbecker">@florianbecker</a>
Last Wiki Answer Submitted:  April 1, 2010  1:46 am  by  FlorianB   195 pts.
All Answer Wiki Contributors:  FlorianB   195 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: