Hospital Privacy, Security Officers Make Their Wish Lists

That would eliminate worries for privacy and security officers about seeing their facility's name on the OCR website for breaches, on the front page of the local paper, or as a lead story on the local television news report, he says.

Encrypted portable devices would also save headaches, says Davis, "so when they are lost or stolen there is no threat of PHI disclosure."

7.      Safe use of social networking websites. "I wish all social networking sites were equipped with tools that prevented anyone from posting any patient-related information," says Ruelas. That would help mitigate people being surprised by "stuff" that originates from these sites, he says.

8.      More safeguards to protect PHI. "I hope that technology continues to be enhanced to support patient privacy," says Mikels. "This should be meaningful and non-burdensome to the user, and should support patient care and safety."

Ruelas says he would deactivate any and all USB port functions which allow data to be downloaded and subsequently taken offsite in an unauthorized manner.

"These handy little devices, with all their storage capability, can create big issues," Ruelas says.

Ponemon's "Benchmark Study on Patient Privacy and Data Security" may be viewed here.