By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Helping Patients Protect Their Own Personal Health Information
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Business > Hospital Administration > Helping Patients Protect Their Own Personal Health Information
eHealthHospital AdministrationMedical RecordsTechnology

Helping Patients Protect Their Own Personal Health Information

Anne Weiler
Anne Weiler
Share
6 Min Read
Patient Record on Parking
SHARE

Last week I was leaving a meeting at a large hospital when I saw a patient record sitting on top of the payment machine in the parking garage. Incredibly this is the second time that I’ve seen documents left here. People put them down when they pull out their wallets to pay for parking and then walk away.

Last week I was leaving a meeting at a large hospital when I saw a patient record sitting on top of the payment machine in the parking garage. Incredibly this is the second time that I’ve seen documents left here. People put them down when they pull out their wallets to pay for parking and then walk away.

Patient Record on ParkingThe information the patients left behind included treatment plan instructions – so you can be pretty sure they are not doing their follow up home care – but worse than that it contained a schedule of future appointments with the patient’s name, date of birth, and social security number. Yes, you read that right: a perfect package for anyone practicing identity theft. This was all on a page that was printed directly from the EMR. The DOB and SSN were probably included on the record to verify that the information was for the correct patient, but this could be verified by asking the patient without printing it on a schedule of appointments.

So – first things first – I took the paper records back into the hospital. But afterwards it got me thinking about information protection and privacy, and in particular about the many people who still think that a paper print out is more secure than the cloud.

More Read

How Healthcare Contact Centers Can Improve Patient Experiences
Health Care Research Awards
Mobile Health Around the Globe: Connecting Caregivers of Aging Parents
Can Technology Motivate Healthy Behavior? – HealthTech 2011
Digital Health Accelerator Rock Health’s Start-Ups

Although concerns about information protection and privacy are valid, many of the major HIPAA breaches of the last few years have had nothing to do with the cloud and usually are related to human error and not great security practices.

A few examples:

  • Laptops that have patient records on them are stolen. This seems to be one of the most frequent reasons for breaches.
  • A photocopier that had patient data stored on its hard drive and was resold from a hospital to CBS news without the hard drive being cleared.
  • The paper patient records of a retiring physician were unceremoniously dumped in her driveway.

Good protection of patient information is important whether that information is in the cloud, on an internal computer or system, or on paper. HIPAA regulations encourage building good encrypted software; however we also need to have safeguards to protect against human error.

If patient information were in the cloud, the patient would either access the information through a secure portal, email, or application on their mobile device. He or she would then authenticate themselves to receive the information, and would not need to worry about accidentally forgetting their treatment plans sitting on a parking payment machine.

While patients expect to be able to interact with their healthcare providers through portals and mobile applications in the same way they interact with their banks, many healthcare CIOs we’ve encountered are still extremely wary of cloud-based systems. Financial services is another heavily regulated industry that has been able to successfully move to the cloud to better serve its customers.

Wellpepper is a cloud-based application, which in the healthcare world, makes us a business associate and on the hook for any breaches of patient health information. On the hook means that we need to sign a HIPAA agreement with any organization and we have liability for breaches of information. This is a job we take very seriously and we do our utmost to protect all information that flows through Wellpepper. This includes encrypting information at rest and in transit, ensuring strong passwords, and conducting audits of our system as well as making sure we are well-insured.

With Wellpepper, we provide the same level of encryption and safeguards to the patient’s own device as we do on the clinical devices. Information is not stored locally so if a device is lost or stolen there is much lower risk than in the laptop examples. Patient can do whatever they like with their own data. If I want to post my x-rays on the lamppost in-front of my house I can do that. However, that doesn’t mean that a healthcare organization should facilitate me in sharing my personal health information, which is actually significantly easier with paper-based systems than cloud based.

Yes this information would have been transferred over the Internet which could leave it open for hacking but a secure cloud system is no less, and sometimes more secure than internal IT systems which are also vulnerable. The key is to ensure that everyone in the chain, from internal IT to external partners, and finally to the providers and the patients understands the importance of protecting health data, and has the tools they need to do so, whether that’s on paper, online, or in the cloud.

TAGGED:HIPAApatient privacy
Share This Article
Facebook Copy Link Print
Share
By Anne Weiler
Follow:
Anne Weiler is CEO and co-founder of Wellpepper, a clinically-validated and award winning platform for patient engagement that enables health systems to track patient outcomes in real-time against their own protocols and personalize treatment plans for patients. Wellpepper patients are over 70% engaged. Prior to Wellpepper, Anne was Director of Product Management at Microsoft Corporation.

Stay Connected

1.5KFollowersLike
4.5KFollowersFollow
2.8KFollowersPin
136KSubscribersSubscribe

Latest News

exercise benefits
How Exercise Shapes The Teenage Body And Mind
Infographics
July 12, 2026
How Healthy Meal Kits Are Helping Millennials and Gen Z Build Better Eating Habits
Health
July 9, 2026
Understanding the Connection Between Chronic Pain and Mental Health: A Path to Holistic Healing
Understanding the Connection Between Chronic Pain and Mental Health: A Path to Holistic Healing
Anxiety Mental Health
July 6, 2026
Florida Nurses Face Growing Licensing Risks: Understanding the Investigation Process and How to Protect Your Career
Florida Nurses Face Growing Licensing Risks: Understanding the Investigation Process and How to Protect Your Career
Nursing Policy & Law
July 2, 2026

You Might also Like

Medical Consultation
BusinessHospital Administration

The Benefits of Medical Consultation Online

February 25, 2021
ED throughput measures Ebola prevention
Health ReformHospital AdministrationPublic Health

Ebola Response: 5 ED Throughput Measures Your ED Needs

October 6, 2014

Telestroke Initiative Website Launched

May 14, 2011
autism
Medical DevicesMedical InnovationsRemote DiagnosticsTechnology

MIT Researchers Aim to Help People with Autism

November 1, 2013
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2026 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?