You’ve probably noticed some differences in your visits to your medical care provider’s office in recent years.
One of the biggest changes has been in the way your information is collected during your visit.
You may have noticed that, instead of writing everything down, doctors, nurses, and other medical professionals are using a laptop or a tablet to record your data.
Electronic Health Records are now being widely used in every area of the medical field to improve the care they provide to their patients.
While the benefits of using EHR software are numerous, there may be some concern as to the safety and security of your information, especially in a time when hacking is frequently in the news.
The statistics can be sobering. Approximately 30,000 websites are hacked every day.
How is your medical data secured?
While it can be unnerving to think about your private information being accessed by someone who has no business seeing it, there are legal safeguards in place to protect you.
The Health Insurance Portability and Accountability Act (HIPAA) is legislation that provides data privacy and security provisions for safeguarding medical information.
HIPAA legislation was enacted in 1996 and updated in 2005 in order to account for the growth of EHR and other advances in technology.
There are certain rules that HIPAA requires all health care providers abide by.
They may face severe penalties for noncompliance so you can rest assured that it is also in their best interest to adhere to the guidelines.
These include physical, technical, and administrative measures.
Let’s delve into some of these physical, technical, and administrative ways to protect your privacy.
- Guarding physical access. It’s important that computer monitors, printers, fax machines, and any similar machines that display data be kept in an area that can only be accessed by those who are authorized. For example, computers shouldn’t be kept in a busy hallway where other patients are coming and going. Another way to safeguard access is by using passwords that are secure and not shared amongst co-workers.
- This is a technical safeguard that involves converting data or information into a code that is only able to be “decrypted” by authorized personnel. When your medical information is encrypted, it can only be read by a person with the key.
- Keep up-to-date records. Administratively, it’s important to keep track of everything that has to do with access to your medical records. A security manager should be put in place to take on this task, which should include any changes made to records, when they were made, and any other pertinent information.
The HIPAA laws also give the patients rights over their own medical information.
- You have the right to see and/or get a copy of your records.
- You can ask for mistakes to be corrected.
- You have the right to be notified how your information is used and with whom it is shared.
- You can set the terms concerning where and when your health care provider contacts you.
- You do have some recourse if you feel any of the rules have been violated. You can file a complaint at hhs.gov/ocr.
Some of your uneasiness about the security of your medical data can be alleviated by talking with your medical provider.