It seems like every time I turn around there is another high profile HIPAA violation in the news. While your organization may be making progress in establishing and strengthening your compliance framework it is worth a reminder that you shouldn’t forget to control and safeguard patient information on paper.
In one of many recent articles Nuance and Xerox jointly submitted through Healthcare Technology Online we highlighted the need to pay added attention to paper based breaches of PHI. The article, titled “HHS’ Fastest Rising Category of Security Breach: Are You at Risk?” by Randy Cusick from Xerox, highlights the fact that while healthcare organizations are broadly doing a better job of protecting patient information, there is significant room for improvement in the safeguarding and security of paper based documents.
In fact, according to reported data from the Department of Health and Human Services (Data source) there was a significant increase in the percentage of breaches involving paper documents from 2009 (18%) to 2011 (27%). The main takeaway here is that many providers seem to be addressing the security issues inherent in their digital workflows, but may not be paying enough attention to paper-based processes and workflows.
The ongoing need to receive processes and print sensitive documents in a healthcare setting demands increased and improved security measures to ensure patient privacy and HIPAA compliance. Does your print environment have security gaps? Do your print devices meet your corporate security and risk management requirements? Do you have a “print policy” in place to provide governance of paper and paper records? Do you have authentication enabled for open access printing in your facility? If you wouldn’t feel comfortable answering these questions in front of your CIO, it might be a good idea to check out Randy’s article.
HealthyDocs 