Physicians Ensnared in Data Breaches
Last month, the names of "private practices" reporting breaches of unsecured protected health information affecting more than 500 people were revealed when the Office for Civil Rights, (OCR) the enforcer of the HIPAA privacy and security rules, lifted the veil of anonymity on the entities.
Judging from my calls to some of these physician offices who reported breaches—and their failure to return my calls, or simply responding with terse "no comment"—many would rather remain anonymous.
But for physicians who were involved in breaches, there are lessons learned, especially for small practices. Sometimes we just assume in this highly connected digital world, that every physician has ramped up to protect his practice against illegal data theft. That's definitely not the case.
One small practice, Daniel J. Sigman, MD, PC, based in Stoughton, Mass, was hit with a breach on Dec 1, 2009, affecting 2,860 patients, according to the OCR. The OCR tally noted: theft, portable devices, and medical records.
A key problem was the manner in which the data was kept in the plastic surgeon's office. Without giving me too many specifics, Kathleen Minnock, office manager, says the data was kept in a bag —similar to a purse —and taken offsite every night.
"We have a small server like many small doctor's offices," said Minnock, office manager, noting that the way the office handled the data seemed inexpensive and convenient.
After the practice learned the data was missing, the nightmare began, she says. The first worry was whether patient data was stolen, or compromised any other way. Thankfully, that didn't occur, Minnock says, without providing details. She says patient data doesn't appear to be compromised. Federal officials, however, demanded that each patient be notified and alerted to what had happened, all 2,860 of them. And over time, Minnock says, the practice has learned the lesson of keeping good records.
OCR reports that at least 11 "private practices" reported breaches of 500 or more over the past year, involving potentially thousands of patients and files.
- Reform Puts Vise Grips on Physicians
- Medicare Opt-Out a Viable Physician Strategy
- Look Beyond Nurse-Patient Ratios
- How Physicians Can Help Ease Mental Health Provider Shortages
- NPP Demand Rising Under Value-Based Care Models
- Boston Marathon Bombing Yields Lessons for Hospitals
- Providers Lag as Consumers Set Agenda
- Physicians as Economic Powerhouses and Tech Laggards
- Hospital Groups Back NQF Report on Patient Sociodemographics
- Esther Dyson Launches Population Health Challenge