Friday, October 11, 2013

Coworkers as Patients Require Extra HIPAA Vigilance

An employee underwent surgery at her workplace, a California hospital, during which co-workers took what they considered playful photos. However, the employee patient was so humiliated she resigned and sued the hospital for violating state privacy and other laws.

While it is unclear how this case will be resolved, healthcare organizations must be particularly vigilant about all forms of HIPAA privacy violations when employees become patients. Frank Ruelas, compliance officer for Gila River Healthcare in Arizona, says adopting policies is insufficient. Ruelas notes "people would be exceptionally surprised if they knew how often employees inappropriately obtain or share other employees' medical information."

"Covered entities (CEs) should routinely run audits on their medical record systems that specifically track employees accessing other employees’ records."
- Frank Ruelas, HIPAA College
Additional safeguards and monitoring are necessary when workers are patients, similar to the measures applied to VIP patients are celebrities. This includes routine audits on medical record systems to track which employees are accessing other employees’ records. Healthcare organizations can utilize new low-cost on-demand SaaS analytics services to obtain these and other types of inappropriate access reports.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
(a) Workers Who Become Patients Require Extra Vigilance by CEs -, 10/09/2013

No comments:

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at