The impact of cyber attacks and data breaches on healthcare organizations, patients and the healthcare industry overall has been well documented. While breaches stemming from ransomware, lost or stolen devices, compromised IoMT devices, and many more, stress the need for healthcare organizations to protect patient privacy, there are other challenges that require knowing where protected health information (PHI) is stored and who has access to it. Here are three examples:
Value-Based Care
The value-based care revolution, paying healthcare professionals for improving people’s health rather than simply for services provided (e.g. surgeries, treatments, medications, etc.) makes perfect sense, particularly in light of current trends: people are living longer, requiring more care for longer periods of time and healthcare costs continue to rise.
The shift from volume to value however requires that healthcare providers all be “on the same page” with respect to a patient’s health. This can get complicated given the number of physicians, specialists and facilities providing care to a single patient. Consider what happens when an employee with a pre-existing condition like diabetes starts a job with a new employer. If the job change includes changing healthcare networks (and it often does), it is in everyone’s best interest to have an orderly turnover of all the employee’s health records to ensure continuity of care.
Patient Health Information Journey
Clearly, health delivery has become more sophisticated due to rapid advancements in technology and the diversification of healthcare providers. Unfortunately, health delivery has also become complex and an ever increasing amount of data is a big part of the problem. The transfer of medical information therefore has become extremely complicated and cumbersome. This is quite problematic as a patient moves through the healthcare system.
The patient journey across the care continuum involves lots of interaction with lots of healthcare professionals – both care providers and administrative staff. Patient histories, prescriptions, diagnoses, recommendations, registration details, insurance and billing information – all need to be easily accessible and transferable. A delay in transferring all or even some patient information from one specialist to another or from one healthcare facility to another doesn’t just impact efficient care coordination, it could be the difference between life and death.
Securing Patient Information
Accessing and sharing vital patient information and other protected health information (PHI) between healthcare providers and information systems is imperative for successful value-based care initiatives AND efficient care coordination. Technology solutions that interact with patient information are therefore most efficient when they integrate with a full range of systems that store patient information: EHR systems, content management solutions, cloud based repositories, CRM and ERP systems and more. The higher the level of integration and interoperability, the more efficient, productive and effective healthcare providers can be in delivering quality care.
As you can imagine, sharing patient information between specialists, facilities, and insurers securely – and in compliance with HIPAA – is absolutely critical. Hackers target the healthcare industry for a reason – there is a treasure trove of patient information that can be monetized and difficult to reclaim ownership. In other words, if your credit card number is compromised, the number is voided and you receive a new credit card with a new number. It’s not so easy when your social security number, prescription history, or other medical information has been compromised. Healthcare professionals therefore need to do everything they can to protect patient information. Doing so not only preserves patient privacy, it enables healthcare organizations to demonstrate compliance with HIPAA and HITECH, which is just as important.
These concepts will be explored in depth in an upcoming webinar hosted by Accellion with special guests Soma Bhaduri, Director of Information Security and Risk Management with New York City Health & Hospitals (HHC) and Jason Bradt, Chief Medical Officer with Concentric Operations Group. The webinar takes place August 10th at 1pm EDT / 10 am PDT. We invite you to attend. You may register here.