OCR Acting Director Robinsue Frohboese says the new rule creates a new standard of accountability for the healthcare industry and its ancillary businesses. "These protections will be a cornerstone of maintaining consumer trust as we move forward with meaningful use of electronic health records and electronic exchange of health information," Frohboese says.
This is all good. A public that is apparently willing to believe health reform is about "death panels pulling the plug on grandma" is also nervous about a government push for HIT and electronic health records. Though HIT has the capacity to drastically reduce personal medical information breaches, it gets a lot of media attention when breaches occur. The late actress Farah Fawcett and California First Lady Maria Shriver were among the high-profile people who had their medical files illegally accessed recently.
The public doesn't like the idea that their deeply personal information, including their medical history, could be Shanghaied by hackers--from Shanghai or Burbank. They need to feel confident that HIT is secure, especially now that the federal government is preparing to drop about $20 billion to accelerate HIT implementation. To make this work, the healthcare industry has to be committed to patient security too.
Bring up HIPAA and the final rule with your staff. It's a simple concept that can be summed up in two words: don't snoop. Your employees should already know this. The federal government has made it clear that they are taking patient confidentiality quite seriously. Now's a good time to make sure your staff got the message too.