Snooping into Patient Medical Records Also Constitutes a Privacy Breach

by | Published on Aug 24, 2016 | Medical Record Review

Whether you handle healthcare documentation for medical claims review, medical peer review, or medical records review, maintaining their privacy is paramount. Privacy breach can come from many sources and put you at risk of non-compliance. According to the FBI, at least 4000 ransomware attacks occur daily in the United States resulting in privacy breaches. Now healthcare providers are transitioning to EHR systems to stay compliant with the American Recovery and Reinvestment Act (ARRA). However, even these systems that are considered secure fall victim to internet hackers. We hear of many instances wherein medical information is accessed by unauthorized users. The consequences of such breaches can be devastating – identity theft can wreak havoc on a person’s credit, finances and reputation. Victims are very likely to sue the healthcare practice or other entity that is responsible for the breach, and this could lead to lengthy and unpleasant legal hassles.

Given the vulnerability of medical records, custodians of these documents as well as entities handling them must be aware of the various types of privacy breaches that can occur and put them in an embarrassing situation. Staff members of healthcare institutions sometimes snoop into the patient records, which would qualify as inappropriate access. If a staff member curiously checks on the medical record of a person he/she knows who has come in for treatment, that is considered snooping and amounts to a privacy breach. It is a violation of the patient’s privacy and may lead to litigation even if the staff member doesn’t do anything nefarious with the information accessed. Employees discussing patient details with each other is also another kind of unauthorized interference. When a staff member who has accessed patient information attempts to contact him/her with a view to selling products or some other purpose may also fall within the definition of snooping.

EHR systems should have an auditing function which would clearly show the people who are opening the files. When such a function is incorporated into the system, it may deter the employees from indulging in snooping and such other activities. If there is a good monitoring system, the negative impact of snooping can be reduced to a great extent. The management should also conduct random checks on each employee on a monthly basis, which will help identify any unusual activity. A more effective way of preventing privacy breaches is by conducting a risk analysis. Such an analysis would expose vulnerabilities and give an idea of whether they could lead to a breach and the extent of the breach.

Discover our medical record review solutions and partner with us for your next case.

Related Posts

Five Unexpected Causes of Medical Record Duplication

Medical record duplication creates significant challenges in the healthcare systems that can lead to excessive operational costs, patient care issues and other inefficiencies. The rate of duplication is rising—with healthcare rapidly adopting technology and the volume...

Workers’ Compensation and AI-powered Medical Records Services

Workers’ compensation claims are often challenging due to many reasons. There are stringent regulations to consider, which may be different in different states. Another major concern is the risk of fraud, that leads to increased healthcare costs and other hassles. The...