Landmark Ruling on Healthcare Data Privacy
Not only can your facility and company be fined, but employees may be at risk personally
When Mediprocity was established in 2009 our aim was to protect patient health information and make HIPAA compliance for messaging simple. When it came to online browser access and mobile applications our goal was to simply protect our user’s data. During our launch we also made two critical decisions which we still hold true today:
· Private Practice Prescribers would be free
· Data mining of our users would not be allowed
Here we are in 2018, almost a decade later and although technology has made great leaps forward the Government still crawls it’s way forward with new regulations in healthcare technology. Also, one constant over the last decade that remains is empathy by healthcare professionals when handling other people’s electronic healthcare data.
Currently, we are seeing hackers holding healthcare companies hostage with ransomware attacks, while emails and browsers continue to become littered with phishing links and malware. The hackers continue to gain enormous access, the servers and mobile devices are left exposed much too often. Then there is the mac-daddy of them all, Facebook has finally been revealed to be sharing your data (Enter Mediprocity sarcasm — ‘shocker’).
Mediprocity has been working to make healthcare professionals understand that securing your text messaging is not only required by the Omnibus law if they contain patient health information but also by JACHO and CMS.
Text is the most widely used form of communication on the planet, and yet we still have difficulty getting healthcare professionals to understand the next time they plan to send an email or text using an unsecured technology — STOP!
There are many services on the market today that provide great security and workflow functionality (we of course like ours best). As a healthcare professional, having a secure communication system does not mean you log into it every few weeks or months — if you are one of those types then that means you only work in healthcare every few weeks or months rather than daily. Every once in a while does not cut it — it should be daily. All it takes is one mistake, one breach, to bring the Office of Civil Rights “OCR” to your door for an investigation that will lead to penalties and fines. Why does Mediprocity sound like a broken record and continue to lecture on this topic? Our answer is simple… users are still not in compliance and it is rampant. We never had any idea getting into the secure messaging business in healthcare was going to be like sitting down with children and making them eat their broccoli. It is hard to reason with a child that broccoli is good for their health and won’t hurt them. They take one look at it and push the plate away — I am not eating that!
Perhaps we can get everyone to start eating their broccoli, sorry we mean secure messaging, with this new warning shot coming out of the State of Connecticut. For those out there who still do not have a secure messaging provider in place for your organization take note.
This is important - based on what was ruled in Connecticut, if you are being a good steward of protecting patient data but your staff and/or other vendors are not also in lockstep with you -- they can not only expose you to HIPAA and Civil Penalty... but now also themselves!
A groundbreaking legal case in the state of Connecticut could have set a new precedence for the entire country under HIPAA. The ruling states that patients have the right to sue Doctors and other healthcare providers for the disclosure of their confidential medical records without their consent.
Now, considering the fact that Facebook just poured gasoline all over technology privacy standards and has people and Congress up in arms, compiled with a ruling against patient disclosure, the time to secure your messaging and attachments is not tomorrow — — it is today!
For those executives who are having trouble convincing their employees that compliance matters, well perhaps this ruling along with the HIPAA Omnibus law will get their attention. Have them take a look because they can now be put in the direct line of fire — personally. People need to remember that a breach does not mean a simple investigation — it is a long laborious stressful process that no organization or employee should have to endure.
Mediprocity is a leader in the Long-Term care messaging space. We protect Nursing Homes, Pharmacy, and Home Health and Hospice groups every day under HIPAA and HITECH guidelines, and, we don’t sell or mine your data.
Yes, there are a ton of great companies out there and you should find the one that has the right feature set for you, offers the type of customer service you are looking for as well as price. But at the end of the day, you need to pick one and now.
We, of course, are fans of our own product and we keep it simple. Contact Us Today to get started!