Identity theft at hospitals often reveals how patient information can be stolen to commit fraud. But experts, such as Brian Evans, of Tom Walsh
Consulting, agree preventive measures are needed.
"Unauthorized access has been a common problem in every healthcare organization I've worked in...Without proper auditing in place, it's difficult to quantify the scope of employees taking advantage of privileges they have for non-work related purposes like snooping." - Brian Evans, Tom Walsh ConsultingBesides limiting employee access to patients' sensitive information, healthcare organizations can take other steps to prevent identity fraud involving insiders, says Brian Evans. That includes deploying monitoring and breach detection tools, as well as ramping up employee training.
"Organizations' awareness and training programs clearly need to educate the workforce on policy and proper conduct with potential consequences for infractions," Evans says. Also, healthcare organizations can employ breach detection solutions that can flag data access anomalies, he suggests.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
"Written policies and procedures are enforced with a technical solution and unauthorized access is detected and addressed accordingly," Evans says. "More importantly, an organization's culture is changed because consistent and ongoing auditing and monitoring is established, which acts as a deterrent with disciplinary action as the outcome for those employees found in violation of policy."