If so, it’s a major problem and you are not alone.
Employees that inappropriately access patient medical records are a big and growing concern.
We can help your practice stay on top of the latest health care news, rules, regulations and trends. Subscribe to stay current and up to date on important matters that will impact your practice. (To subscribe to our blog click here).
In one recent example in Virginia, 14 employees accessed a high-profile patient’s medical records without a legitimate patient care need.
The employees were all sanctioned, some terminated.
How do you know if your employees are inappropriately accessing patient records?
You should perform frequent internal audits of your data and your employees.
Train your employees on what they can and cannot access. You are responsible for your employees. Make sure your employees know that HIPAA violations are serious, and dealt with as such by the Office for Civil Rights (OCR).
And make sure to train employees on sanctions for inappropriate access.
Then follow-through. Make sure to issue appropriate sanctions as internal employee breaches have very real consequences for your practice.
We help our clients put policies in place to ensure that employees don’t snoop on records, then we train their employees.
If you have a high-profile patient, it is advisable to proactively monitor the patient’s medical record.
Employee snooping is not a new issue, however it is a very serious issue that is often underestimated.
In Cleveland, a hospital had to notify almost 700 patients after a HIPAA privacy breach. The breach was one employee snooping on confidential records for over a three year period.
Although external breaches are abundant and increasing in frequency and severity, the biggest risk to your healthcare data is still your employees.
In our next blog post, we will keep you informed of related issues. To get this important information delivered directly to your mail box, click here to Subscribe.
Do you need help staying current and compliant with the latest laws, rules and regulations? We can help. To contact us about your practice’s HIPAA Risk Assessment, employee training or audits, or about your other legal needs: CLICK HERE.
P.S. If you or your patients are interested in consumer healthcare issues, check out myhealthspin.com.