By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Helping Patients Protect Their Own Personal Health Information
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Business > Hospital Administration > Helping Patients Protect Their Own Personal Health Information
eHealthHospital AdministrationMedical RecordsTechnology

Helping Patients Protect Their Own Personal Health Information

Anne Weiler
Anne Weiler
Share
6 Min Read
Patient Record on Parking
SHARE

Last week I was leaving a meeting at a large hospital when I saw a patient record sitting on top of the payment machine in the parking garage. Incredibly this is the second time that I’ve seen documents left here. People put them down when they pull out their wallets to pay for parking and then walk away.

Last week I was leaving a meeting at a large hospital when I saw a patient record sitting on top of the payment machine in the parking garage. Incredibly this is the second time that I’ve seen documents left here. People put them down when they pull out their wallets to pay for parking and then walk away.

Patient Record on ParkingThe information the patients left behind included treatment plan instructions – so you can be pretty sure they are not doing their follow up home care – but worse than that it contained a schedule of future appointments with the patient’s name, date of birth, and social security number. Yes, you read that right: a perfect package for anyone practicing identity theft. This was all on a page that was printed directly from the EMR. The DOB and SSN were probably included on the record to verify that the information was for the correct patient, but this could be verified by asking the patient without printing it on a schedule of appointments.

So – first things first – I took the paper records back into the hospital. But afterwards it got me thinking about information protection and privacy, and in particular about the many people who still think that a paper print out is more secure than the cloud.

More Read

Red Tape and Telehealth for Cost Savings
What to Look for in Patient Solutions Software
What the FDA’s New Social Media Guidance Means for Marketers
A New Kind of Stress Test
Google’s Ad Platforms Are Getting a Facelift – Here’s What Medical Marketers Need to Know

Although concerns about information protection and privacy are valid, many of the major HIPAA breaches of the last few years have had nothing to do with the cloud and usually are related to human error and not great security practices.

A few examples:

  • Laptops that have patient records on them are stolen. This seems to be one of the most frequent reasons for breaches.
  • A photocopier that had patient data stored on its hard drive and was resold from a hospital to CBS news without the hard drive being cleared.
  • The paper patient records of a retiring physician were unceremoniously dumped in her driveway.

Good protection of patient information is important whether that information is in the cloud, on an internal computer or system, or on paper. HIPAA regulations encourage building good encrypted software; however we also need to have safeguards to protect against human error.

If patient information were in the cloud, the patient would either access the information through a secure portal, email, or application on their mobile device. He or she would then authenticate themselves to receive the information, and would not need to worry about accidentally forgetting their treatment plans sitting on a parking payment machine.

While patients expect to be able to interact with their healthcare providers through portals and mobile applications in the same way they interact with their banks, many healthcare CIOs we’ve encountered are still extremely wary of cloud-based systems. Financial services is another heavily regulated industry that has been able to successfully move to the cloud to better serve its customers.

Wellpepper is a cloud-based application, which in the healthcare world, makes us a business associate and on the hook for any breaches of patient health information. On the hook means that we need to sign a HIPAA agreement with any organization and we have liability for breaches of information. This is a job we take very seriously and we do our utmost to protect all information that flows through Wellpepper. This includes encrypting information at rest and in transit, ensuring strong passwords, and conducting audits of our system as well as making sure we are well-insured.

With Wellpepper, we provide the same level of encryption and safeguards to the patient’s own device as we do on the clinical devices. Information is not stored locally so if a device is lost or stolen there is much lower risk than in the laptop examples. Patient can do whatever they like with their own data. If I want to post my x-rays on the lamppost in-front of my house I can do that. However, that doesn’t mean that a healthcare organization should facilitate me in sharing my personal health information, which is actually significantly easier with paper-based systems than cloud based.

Yes this information would have been transferred over the Internet which could leave it open for hacking but a secure cloud system is no less, and sometimes more secure than internal IT systems which are also vulnerable. The key is to ensure that everyone in the chain, from internal IT to external partners, and finally to the providers and the patients understands the importance of protecting health data, and has the tools they need to do so, whether that’s on paper, online, or in the cloud.

TAGGED:HIPAApatient privacy
Share This Article
Facebook Copy Link Print
Share
By Anne Weiler
Follow:
Anne Weiler is CEO and co-founder of Wellpepper, a clinically-validated and award winning platform for patient engagement that enables health systems to track patient outcomes in real-time against their own protocols and personalize treatment plans for patients. Wellpepper patients are over 70% engaged. Prior to Wellpepper, Anne was Director of Product Management at Microsoft Corporation.

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

dental care
Importance of Good Dental Care for Health and Confidence
Dental health Specialties
October 2, 2025
AI in Healthcare
AI in Healthcare: Technology is Transforming the Global Landscape
Global Healthcare Policy & Law Technology
October 1, 2025
Choosing the Right Swimwear for Health and Safety
News
September 30, 2025
sports concussions
Concussion In Sports: How Common They Are And What You Need To Know
Infographics
September 28, 2025

You Might also Like

Email for business
eHealth

What Does Your Email (Gmail, Yahoo, Aol) Say About Your Practice

October 14, 2012
EHR Market Share report
BusinesseHealthMedical Records

Insights from the 2014 Meaningful Use EHR Market Share Report

May 6, 2014
healthcare marketing statistics
BusinesseHealthFinanceHospital Administration

23: Number of Useful Internet Marketing Stats in This Healthcare Post

April 24, 2013

Metabolic Surgery for Treatment of Obesity

August 8, 2012
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?