Security and Privacy Services

The passage of HITECH means that 2010 through 2012 will be watershed years for new security and privacy requirements and challenges for healthcare providers. These changes affect not only hospitals and doctors, but also nursing homes, home care agencies, clinical labs, and other healthcare organizations, as well as their vendors and contractors who handle protected health information.

We’re facing a new era of enforcement around data breaches. As the number of court cases increases and the possibility of criminal as well as civil punishment looms larger, institutions are taking these concerns more seriously.

The public is also demonstrably more engaged in privacy and security concerns. Breaches are publicly posted on the HHS website. Patients and families can complain to the Office of Civil Rights. Some state attorneys general have filed HIPAA enforcement actions on behalf of the public.

Security / Privacy / Culture

Healthcare providers and their vendors need to start thinking about security and privacy as an authentic program, embedded in how things are done, rather than a list of requirements to meet Federal and state requirements. Organizations already recognize the benefits of building quality and patient safety into daily operations. It’s time to start treating security and privacy in the same way.

As with quality and safety, by integrating security and privacy into the fabric of organizational culture, you and your business partners can enhance your operations, improve competitive position and strengthen the bottom line.

For the sake of patients, families and employees, security and privacy should be a part of your organizational values statement, as well as your operational structure, policies and governance.