{"id":3541,"date":"2021-06-15T07:12:00","date_gmt":"2021-06-15T14:12:00","guid":{"rendered":"https:\/\/corridorinteractive.com\/?p=3541"},"modified":"2021-06-13T16:16:25","modified_gmt":"2021-06-13T23:16:25","slug":"anatomy-of-a-privacy-breach-in-health-care","status":"publish","type":"post","link":"https:\/\/corridorinteractive.com\/blog\/anatomy-of-a-privacy-breach-in-health-care\/","title":{"rendered":"Anatomy of a Privacy Breach in Health Care"},"content":{"rendered":"\n
This article is part 2 of our 3-part Privacy Training Series: Financial Impacts & Consequences of a Privacy Breach.<\/em><\/strong><\/p>\n\n\n\n It doesn\u2019t take significant effort with Google to discover multiple stories about privacy breaches in Canadian healthcare settings over the past year. These stories have consistent plot lines with egregious privacy breaches being committed by employees, typically for personal reasons and with strong enforcement outcomes. <\/p>\n\n\n\n These privacy breach stories normally contain detail about the incidents, the health care facility, and the names of the individuals who committed the breaches (intentional or not), all in the public record. Employers’ names and practices are also highly publicized. Many of these stories gain broader publicity than a disciplinary tribunal hearing by regularly appearing in industry publications. Of course the juicier or higher profile cases always end up on the evening news. It goes without saying that this is not how healthcare practitioners want to gain publicity for their organization.<\/p>\n\n\n\n What do many of these breaches look like? The two most common circumstances for privacy breaches are intentional<\/em> and unintentional<\/em>. <\/p>\n\n\n\n The intentional<\/strong> breach frequently involves an employee improperly accessing multiple patient healthcare records over a period of time. The breach is commonly discovered by one of three methods:<\/p>\n\n\n\n The unintentional<\/strong> breach that normally stems from poor privacy procedures and practices is often more egregious, as the information is frequently lost into the public domain. There are unknown consequences to those whose privacy has been affected and no way to fully retrieve the information. For example, consider electronic devices with privacy information improperly stored on them that become lost or stolen – either way, there are equal chances of the privacy breach ending up as tomorrow\u2019s headlines. <\/p>\n\n\n\n A look at privacy breaches in Canada over the last few years shows that all levels of employees were involved. Breaches are committed by staff ranging from billing clerks all the way to the top levels of the medical profession. It is important to note again that not all breaches are intentional. <\/p>\n\n\n\n This is where things get strange! The majority of breaches are not<\/strong> committed for financial gain. A survey of recent cases reveals motivations more related to human emotions and frailty. <\/p>\n\n\n\n Penalties for breaches continue to be severe as governing bodies take privacy very seriously. A wide range of sanctions frequently given include hefty monetary fines, professional reprimands, work discipline actions including suspensions, the removal of future privileges to access to health information systems and loss of employment. For the health practices there is significant reputational damage plus additional costs that will be discussed in our next blog. <\/p>\n\n\n\n Since privacy breaches start with people, it is important to identify ways to improve your privacy best practices<\/strong> before your office becomes tomorrow\u2019s headlines. The best medicine, as mandated by many governing tribunals, starts with education and annual privacy training<\/strong>. Efficient online training<\/a> where progress is tracked and audited, with frequent refresher courses<\/a> has been proven to work. A proactive training strategy keeps employees up-to-date on privacy obligations and reminds them of the serious consequences a privacy breach brings. The cost to employers and employees of proper education is substantially less than the alternative!<\/p>\n","protected":false},"excerpt":{"rendered":" This article is part 2 of our 3-part Privacy Training Series: Financial Impacts & Consequences of a Privacy Breach. It doesn\u2019t take significant effort with Google to discover multiple stories about privacy breaches in Canadian healthcare settings over the past year. These stories have consistent plot lines with egregious privacy breaches being committed by employees, […] Keep reading Anatomy of a Privacy Breach in Health Care <\/span>»<\/a><\/p>\n","protected":false},"author":3,"featured_media":3543,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[1],"tags":[],"acf":[],"yoast_head":"\nIntentional and Unintentional<\/h2>\n\n\n\n
Malicious Breaches Pose a Growing Threat; Accidental Breaches Still Common<\/h2>\n\n\n\n
Consequences<\/h2>\n\n\n\n
Privacy Best Practices Starts with Education & Annual Training<\/h2>\n\n\n\n