Healthcare Providers Face Tougher HIPAA Rules
When she arrived in 2010, she had her work cut out for her: "We found some of our applications didn't even have audit logs turned on." She set about "sending the message [of security and privacy] and saying it in different ways so that while [staff is] hearing the same thing, you're making it interesting. We did carnivals and had games and gave away prizes. In our newsletter we'll do crossword puzzles and different things just to get people engaged."
But in addition, CaroMont has FairWarning software that analyzes its network and examines audit logs and presents at-a-glance summaries of this information.
"It's also a huge deterrent to employees who in the past were used to looking at their own records or records of their family members, even though we've always had a policy that that was not allowed," Horseman says. "There was never anybody watching, and so nobody was ever getting in trouble. Nobody was ever getting caught. So they just continued to do it.
"Then we put FairWarning on. Within the first month that we had it in, we had hundreds of alerts that were popping up. We sent all that information out to department managers and directors and said, 'Look, these are all the alerts for the people in your department. You need to be reinforcing the policy and doing the education,' and within the first two weeks after we started enforcing it, this inappropriate access just fell off the face of the earth."
Protecting healthcare privacy will never be simple. In a few short years, providers have evolved from unencrypted laptops being stolen or lost to more sophisticated threats, sometimes inside jobs. But as the HIPAA omnibus rule and the random audits kick in, regulations and enforcement will be harder for healthcare providers to ignore, as digital privacy and associated safe practices rise to their proper place alongside other healthcare safety practices.
This article appears in the September issue of HealthLeaders magazine.
Scott Mace is senior technology editor at HealthLeaders Media.
- CFO Exchange: Smartphones Poised to Disrupt Healthcare, Says Topol
- Consumerism Drives Healthcare Branding, Rebranding Efforts
- PA Ranks See 'Phenomenal Growth,' Lack of Diversity
- 3 Traits Personality Assessments Can't Reveal
- CNO on Hospital Redesign: 'You Can't Over-Communicate'
- How Digital Strategy Shapes Patient Engagement at Boston Children's Hospital
- Antibiotic Overuse a 'Huge Threat' to Patient Safety, Says CDC
- CHS Hacked, 4.5M Patient Records Compromised
- Carondelet to Pay $35M to Settle Fraud Allegations
- Half of All Primary Care, Internal Medicine Jobs Unfilled in 2013