It’s a question practices should be asking in the wake of the news that a server containing personal patient and billing information was breached at a radiology practice in Rochester, N.H. It’s the latest security breach made public under the HITECH Act’s security breach notification rules.
How secure is the patient data at your practice?
It’s a question practices should be asking in the wake of the news that a server containing personal patient and billing information was breached at a radiology practice in Rochester, N.H. It’s the latest security breach made public under the HITECH Act’s security breach notification rules.
The HITECH rules require organizations covered under HIPAA to report the breach to the affected patients, and in some cases to CMS. Cases involving more than 500 people are posted publicly by the Office of Civil Rights, which is why we’ve been seeing some large incidents in the last several months.
In the case of this radiology practice, Seacoast Radiology, the breach occurred in November 2010, and access to the server was disabled immediately, according to a release. An independent investigation concluded that unauthorized use of the data - which included names, addresses, Social Security numbers, dates of birth, diagnosis codes, and billing information - was unlikely. Radiology reports weren’t stored on this server.
Data security continues to be a major health IT concern for physicians. A study last year by the Healthcare Information and Management Systems Society (HIMSS) found that 34 percent of respondents named security breaches as a top concern, and 23 percent said their organizations experienced a breach in the last year.
So what can you do to protect your practice?
One control measure is disk encryption, which uses software to protect data on the hard drive should it be accessed by an unauthorized user. The software makes it difficult for someone to remove the hard drive and read its contents on another computer. Password protection isn’t always enough when it comes to protecting sensitive data. It’s also a good idea to physically secure the hardware at the end of the day.
Has your practice experienced a security breach? Or do you have a best practice to share for protecting data?
The Reading Room: Artificial Intelligence: What RSNA 2020 Offered, and What 2021 Could Bring
December 5th 2020Nina Kottler, M.D., chief medical officer of AI at Radiology Partners, discusses, during RSNA 2020, what new developments the annual meeting provided about these technologies, sessions to access, and what to expect in the coming year.
Current Perspectives on Radiology Workforce Issues and Potential Solutions
March 14th 2024Emphasizing the gravity of the ongoing workforce shortage in radiology, these authors recommend a change agenda focusing on expanded numbers of residency positions, reassessment of educational pathways, maintaining a strong presence in hospital settings and practice level initiatives to reduce administrative burden and achieve appropriate reimbursement beyond RVU measurements.
Could Cloud-Based 'Progressive Loading' be a Boon for Radiology Workflows?
March 13th 2024The newly launched Progressive Loading feature, available through RamSoft’s OmegaAI software, reportedly offers radiologist rapid uploading of images that is faster than on-site networks and other cloud-based systems regardless of the network radiologists are using.