When Protected Health Information Walks Out the Door
The most publicized patient privacy breaches are often due to hackers getting into EHR systems. One more the most common ways breaches occur, however, is when protected health information (PHI) simply walks out the door. These days you can’t work effectively without laptops, tablet computers, cell phones, and other mobile gadgets. But like anything else that gets piled on tables or stuffed in briefcases, these devices can get lost. When they contain PHI, lost devices are more than an inconvenience, they’re potential HIPAA violations.
This is Not a Drill
The very first thing you should do when you learn that a device has been lost is determine what was on the device. If it did not contain patient data, then of course, you’re in the clear. If it did, you need to know whose data, and how many patients are potentially affected. And you should have an incident response plan set to go, advised Rick Hindmand, an attorney specializing in healthcare law with law firm McDonald Hopkins in Chicago. “Have a response team ready on a moment’s notice. The team should include an IT expert, an attorney, your insurer, if you have one, and possibly a public relations professional—in the case of press inquiries,” Hindmand said.
Click here for the full article from Physicians Practice