Tighten security measures to keep records safe

More than 50% of chief information officers who participated in a recent poll are "extremely concerned" about security breaches of personal health information affecting their facility. And they should be, especially as more practices are moving toward utilizing electronic mediums to communicate with their patients, colleagues, and healthcare leaders.

Various ways to keep patient and other personal health information secure from those inside or outside the practice are being more widely used. Security breaches can be averted by enacting and following these simple steps.

• Limit the number of staff members authorized to view personal health information
• Require unauthorized personnel to apply for disclosure if they need access
• Require patients to complete a release form to access their records
• Require release forms between providers except in the case of a referral
• Notify any patient older than 12 years of any request to access his or her information
• Deny any provider request if the patient objects to disclosure
• Encrypt data

A policy should be in place that outlines what information should be encrypted and how to do it.