Houston we have a problem. The lesson a medical practitioner, M.D. Anderson had to learn about protecting patients’ health records. Take a look at the proper security measures concerning patient records and how to store medical records securely.
University of Texas M.D. Anderson cancer center waited nearly two months before notifying some 30,000 patients that their personal information was stolen from a physicians non-encrypted laptop. The medical practice admitted that they had not taken the standard security measures for quite some time, something so simple as using a password protected database. Had they used a HIPAA compliant hosting service the misfortune could have been avoided. The theft occurred on April 30th, yet patients were not informed until June 28th. M.D Anderson stated that it wanted to make certain a breach of client records had in fact occurred before they notified the patients.
The news of the stolen laptop raises concern over the need to protect client information in the healthcare industry via a government regulated online database. These days it is not cost effective for medical centers such as M.D. Anderson to operate it’s own private database where all client records are accessed and stored. Many Houston based medical centers chose to host with a colocation provider in order to avoid a situation such as the M.D. Anderson theft. A breach in a patients’ protected health information often result in heavy fines imposed by HIPAA. By not following proper security guidelines, the identity of patients and their health information are at risk of being compromised.
Healthcare providers such as M.D Anderson have options. Online databases from HIPAA compliant data centers in Houston, TX must adhere to high standards of security and enables doctors and insurance providers to share information easily over a dedicated server. This also eliminates time consuming paper work and of course the risk of theft such as the one that occurred in Texas this past April. Hopefully there is light at the end of the tunnel for the victims of M.D Anderson. Protecting a patient’s health information should be held in higher regards for healthcare professionals.