Protecting the Average Joe's RecordsVIPs Aren't the Only Ones Who Merit Privacy Protection
So I was pleased to read that Penn State Hershey Medical Center recently fired a staff member for allegedly accessing former Penn State University football coach Joe Paterno's billing and registration records without permission.
See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion
The Patriot-News, the local newspaper that broke the story, reports that the breach was identified because Paterno's records were "put under an audit" to help prevent leaks.
The average Joe, and not just Joe Paterno, is worthy of privacy protection.
Paterno's medical records weren't accessed, and there is no indication the information the snooper accessed was shared with anyone else, the newspaper reports.
When a hospital is dealing with a VIP patient, it certainly makes sense to take extra precautions to protect their privacy. But the average Joe, and not just Joe Paterno, is worthy of top-notch privacy protection.
Sending a Strong Message
It's certainly good to see that Penn State Hershey Medical Center invoked what appears to be a zero tolerance policy when it comes to records snoopers. That sends a strong message to the entire staff about the importance of patient privacy.
As the new year approaches, it's a good time to resolve that your organization will scrutinize its HIPAA compliance efforts and take the important step of educating staff about the sanctions they'll face if they violation patients' trust.
Our Healthcare Information Security Today survey shows that improving regulatory compliance efforts is the top priority for the coming year. It also shows that audit logs and log management are the top technology investment for the year ahead. These are good indications that healthcare organizations intend to take steps to make sure records snoopers don't violate the privacy rights of the average Joe.