When Protected Health Information Walks Out the Door


The most publicized patient privacy breaches are often due to hackers getting into EHR systems. One more the most common ways breaches occur, however, is when protected health information (PHI) simply walks out the door. These days you can’t work effectively without laptops, tablet computers, cell phones, and other mobile gadgets. But like anything else that gets piled on tables or stuffed in briefcases, these devices can get lost. When they contain PHI, lost devices are more than an inconvenience, they’re potential HIPAA violations.

This is Not a Drill

The very first thing you should do when you learn that a device has been lost is determine what was on the device. If it did not contain patient data, then of course, you’re in the clear. If it did, you need to know whose data, and how many patients are potentially affected. And you should have an incident response plan set to go, advised Rick Hindmand, an attorney specializing in healthcare law with law firm McDonald Hopkins in Chicago. “Have a response team ready on a moment’s notice. The team should include an IT expert, an attorney, your insurer, if you have one, and possibly a public relations professional—in the case of press inquiries,” Hindmand said.

Click here for the full article from Physicians Practice

Jump to Page

McDonald Hopkins uses cookies on our website to enhance user experience and analyze website traffic. Third parties may also use cookies in connection with our website for social media, advertising and analytics and other purposes. By continuing to browse our website, you agree to our use of cookies as detailed in our updated Privacy Policy and our Terms of Use.