Monday, March 5, 2012

Kaiser Director of Medical Informatics on Patient Privacy Breach Detection

Eric Liederman, Director of Medical Informatics at Kaiser Permanente, gave a great talk on best practices for protecting patient data privacy at the HIMSS (Healthcare Information and Management Systems Society) meeting in Las Vegas.

Here is his advice for monitoring healthcare staff's access to protected health information on computers:
  • Monitor logs of employee access to patient data to proactively find violations; don’t just investigate allegations.

  • Use analytics with high specificity so that few false-positives occur. Doing so will make enforcement easier, because offenders will be easier to detect.

  • Find existing frequent offenders by using the monitoring before implementing a surveillance policy.

  • Announce the plan to monitor access to all employees. This can deter those tempted to inappropriately access patient data.

  • Monitor all employees and apply consequences consistently to be equitable and avoid lawsuits.
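The first two points above (screen the access logs proactively, and use rules specific enough that a hit almost always means a real violation) are illustrated by the following added example. It is not code from Kaiser Permanente or from the talk; the log format, the field names, the treatment-relationship table and the two detection rules are assumptions chosen for the illustration. Each rule fires only on a concrete, checkable condition, which is what keeps false positives low, and an emergency override recorded in the event is honoured so that legitimate urgent access is not flagged. A per-user tally at the end supports the third point, finding existing frequent offenders before the policy is announced.

```python
"""Rule-based screening of EHR access audit logs for likely inappropriate access.

Added example, not code from Kaiser Permanente or the talk. The log format,
field names and the two rules are assumptions; an access is flagged only when
a concrete, checkable condition holds, which keeps specificity high.
"""
from collections import Counter

# Constructed sample audit log (one access event per line).
SAMPLE_LOG = """\
2012-03-01T08:02:11 user=nurse17 patient=P1001 action=view
2012-03-01T08:05:40 user=nurse17 patient=P1002 action=view
2012-03-01T09:15:03 user=clerk04 patient=P1001 action=view
2012-03-01T12:41:27 user=clerk04 patient=P3001 action=view
2012-03-01T13:02:55 user=dr_lee patient=P1002 action=view
2012-03-01T13:10:09 user=dr_lee patient=P1003 action=view reason=emergency
2012-03-02T07:58:31 user=clerk04 patient=P1002 action=view
2012-03-02T16:20:14 user=nurse17 patient=P1001 action=update
"""

# Documented treatment relationships (constructed): patient -> assigned staff.
CARE_TEAM = {
    "P1001": {"nurse17", "dr_lee"},
    "P1002": {"nurse17", "dr_lee"},
    "P1003": set(),  # newly admitted, no staff assigned yet
}

# Staff who are also patients of the organization (constructed): user -> own patient id.
EMPLOYEE_PATIENT_ID = {"clerk04": "P3001"}


def parse_line(line):
    """Parse 'timestamp key=value ...' into a dict; returns None for a blank line."""
    parts = line.split()
    if not parts:
        return None
    rec = {"ts": parts[0]}
    for field in parts[1:]:
        key, _, value = field.partition("=")
        rec[key] = value
    return rec


def flag_access(rec, care_team=CARE_TEAM, employee_patient_id=EMPLOYEE_PATIENT_ID):
    """Return the names of the rules this access event violates (empty if none)."""
    reasons = []
    user, patient = rec["user"], rec["patient"]
    # Rule 1: staff opening their own chart through the clinical system.
    if employee_patient_id.get(user) == patient:
        reasons.append("self-lookup")
    # Rule 2: no documented treatment relationship and no emergency override.
    if user not in care_team.get(patient, set()) and rec.get("reason") != "emergency":
        reasons.append("no-treatment-relationship")
    return reasons


def scan(log_text):
    """Run the rules over every event; return [(record, reasons)] for flagged events."""
    flagged = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and (reasons := flag_access(rec)):
            flagged.append((rec, reasons))
    return flagged


def frequent_offenders(flagged, min_events=2):
    """Count flagged events per user; return users at or above the threshold, most first."""
    counts = Counter(rec["user"] for rec, _ in flagged)
    return [(user, n) for user, n in counts.most_common() if n >= min_events]


if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for rec, reasons in hits:
        print(rec["ts"], rec["user"], rec["patient"], ",".join(reasons))
    print("frequent offenders:", frequent_offenders(hits))
```

On the constructed log, only clerk04's three events are flagged: two accesses with no treatment relationship and one lookup of the clerk's own chart. dr_lee's access to the unassigned patient is left alone because the event carries an emergency reason, which is the kind of exception a real rule set needs before the results are handed to enforcement.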

"The goal is deterrence, an effort to prevent normal, fallible people from giving in to momentary temptation." - Eric Liederman, Dir. Medical Informatics, Kaiser Permanente

Detecting patient privacy breaches in this manner will foster accountability to protect privacy and remain compliant with the Health Insurance Portability and Accountability Act.

(a) Spying on staff: The solution to patient privacy, HIPAA - Modern Medicine, 2/29/2012
(b) Accountability, Fueled by Surveillance, Reduces HIPAA Violations - HIT Community, 2/22/2012

