TRENDING:

The Security Scrutinizer with Howard Anderson

Protecting the Average Joe's Records

VIPs Aren't the Only Ones Who Merit Privacy Protection Howard Anderson (ismg_editor) • December 12, 2011    

So I was pleased to read that Penn State Hershey Medical Center recently fired a staff member for allegedly accessing former Penn State University football coach Joe Paterno's billing and registration records without permission.

See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion

The Patriot-News, the local newspaper that broke the story, reports that the breach was identified because Paterno's records were "put under an audit" to help prevent leaks.

The average Joe, and not just Joe Paterno, is worthy of privacy protection. 

Paterno's medical records weren't accessed, and there is no indication the information the snooper accessed was shared with anyone else, the newspaper reports.

When a hospital is dealing with a VIP patient, it certainly makes sense to take extra precautions to protect their privacy. But the average Joe, and not just Joe Paterno, is worthy of top-notch privacy protection.

Sending a Strong Message

It's certainly good to see that Penn State Hershey Medical Center invoked what appears to be a zero tolerance policy when it comes to records snoopers. That sends a strong message to the entire staff about the importance of patient privacy.

As the new year approaches, it's a good time to resolve that your organization will scrutinize its HIPAA compliance efforts and take the important step of educating staff about the sanctions they'll face if they violation patients' trust.

Our Healthcare Information Security Today survey shows that improving regulatory compliance efforts is the top priority for the coming year. It also shows that audit logs and log management are the top technology investment for the year ahead. These are good indications that healthcare organizations intend to take steps to make sure records snoopers don't violate the privacy rights of the average Joe.



About the Author

Howard Anderson

Howard Anderson

Former News Editor, ISMG

Anderson was news editor of Information Security Media Group and founding editor of HealthcareInfoSecurity and DataBreachToday. He has more than 40 years of journalism experience, with a focus on healthcare information technology issues. Before launching HealthcareInfoSecurity, he served as founding editor of Health Data Management magazine, where he worked for 17 years, and he served in leadership roles at several other healthcare magazines and newspapers.




Around the Network

Showing Evidence of 'Recognized Security Practices'
Showing Evidence of 'Recognized Security Practices'
Are We Doomed? Not If We Focus on Cyber Resilience
Are We Doomed? Not If We Focus on Cyber Resilience
The Persisting Risks Posed by Legacy Medical Devices
The Persisting Risks Posed by Legacy Medical Devices
David Derigiotis on the Complex World of Cyber Insurance
David Derigiotis on the Complex World of Cyber Insurance
Protecting the Hidden Layer in Neural Networks
Protecting the Hidden Layer in Neural Networks
Whistleblowing Brings Visibility to the Role of CISOs
Whistleblowing Brings Visibility to the Role of CISOs
Craig Box of ARMO on Kubernetes and Complexity
Craig Box of ARMO on Kubernetes and Complexity
Organization-Wide Passwordless Orchestration
Organization-Wide Passwordless Orchestration
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
Aité-Novarica's Cybersecurity Impact Award
Aité-Novarica's Cybersecurity Impact Award

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.