Privacy and Security: Joke or No Joke?

The Wall of Shame welcomes Sutter Health. Another computer with unencrypted protected health information on over 4 million patients – gone. Now, those guys are pretty smart, so why don’t they encrypt all computers with PHI? One of life’s persistent questions. I mean, I can accept the fact that a health plan operator like Cignet Health might have issues with getting a grip on HIPAA compliance, but Sutter Health?What were they thinking? Can’t happen here? Encryption is a drag? It’s an easy way to avoid major egg-on-face and to avoid spending significant coin on PR, credit reporting services, and potentially on court judgments — all in addition to significant administrative fines payable to HHS and state regulators.

So the federales are piloting the HIPAA audit program. I know it’s required by the HITECH Act, but who believes that it will motivate behavior change? Anyone? Sutter Health was clearly not motivated to seek a safe harbor that would have made the loss of 4 million patient records a non-event. I know encryption can be a drag, but I’m not a techie. If you are, I invite you to educate me (and the other non-techies out there) on the question of how miserable it really is to have to deal with encrypted data; if you’re really a techie, write a program to enable light-touch encryption that doesn’t interfere with use of data.

READ

How You Can Take Your Supplement Brand To The Next Level

Whether or not encryption is miserable, we should be asking: Why is this data on a barely secured computer (password-protected desktop) in the first place? Shouldn’t it be stored on a server that stays in a secure facility, or in a secure private cloud?

Furthermore, as data loss incidents like this keep happening — even among other industry leaders (see, e.g., Mass General) — perhaps we need a new framework for thinking about access to health information. If we knew for sure that employment and insurance decisions would not be affected by the availability of otherwise private health record information, perhaps we would be more sanguine about their release. Perhaps government resources would be better spent on beefing up education and enforcement in those arenas (vs. auditing and enforcing compliance with privacy and security standards).

David Harlow
The Harlow Group LLC
Health Care Law and Consulting

healthcare law security breach Sutter Health

Author

David Harlow

DAVID HARLOW is Principal of The Harlow Group LLC, a health care law and consulting firm based in the Hub of the Universe, Boston, MA. His thirty years’ experience in the public and private sectors affords him a unique perspective on legal, policy and business issues facing the health care community. David is adept at assisting clients in developing new paradigms for their business organizations, relationships and processes so as to maximize the realization of organizational goals in a highly regulated environment, in realms ranging from health data privacy and security to digital health strategy to physician-hospital relationships to the avoidance of fraud and abuse. He's been called "an expert on HIPAA and other health-related law issues [who] knows more than virtually anyone on those topics.” (Forbes.com.) His award-winning blog, HealthBlawg, is highly regarded in both the legal and health policy blogging worlds. David is a charter member of the external Advisory Board of the Mayo Clinic Social Media Network and has served as the Public Policy Chair of the Society for Participatory Medicine, on the Health Law Section Council of the Massachusetts Bar Association and on the Advisory Board of FierceHealthIT. He speaks regularly before health care and legal industry groups on business, policy and legal matters. You should follow him on Twitter.

View all posts by David Harlow

Think Patients Are Bad At Communicating? Rethink Your Systems

How Hospitals Can Improve Revenue Cycle Management

Which Content Strategy Works Best For Your Healthcare Business?

How To Manage Mental Health As An Entrepreneur

Entrepreneurs Must Integrate Mission-Driven Strategic Investors

6 Healthcare Financial KPIs You Need for 2017

Determining the ROI on Aquatic Therapy in Your PT Practice

How to Monetize Mobile Healthcare Apps

Think Patients Are Bad At Communicating? Rethink Your Systems

8 Of The Most Bizarre Medical Malpractice Cases Out There

EHRs And Malpractice Risk: A Serious Concern For Hospitals

Insurance For Medical Professionals: What You Need to Know

Don’t Miss to Consider These 4 Digital Health App Trends

10 Digital Health Services That Could Shape The Future Of Healthcare

Doctors Must Address Physical, Emotional Concerns With Women’s Hair Loss

Technological Advancements in The Medical Field That You Should Keep An Eye On

8 Of The Most Bizarre Medical Malpractice Cases Out There

How AI In Healthcare Can Improve Patient Outcomes

Three Ways a UCaaS System Can Improve Healthcare

The Importance Of Cybersecurity In The Healthcare Sector

10 Digital Health Services That Could Shape The Future Of Healthcare

4 Important Ways Virtual Reality Is Impacting Healthcare

8 Reasons Why mHealth Is Beneficial For Patients Of The Future

Through The Looking Glass: AR And VR Benefit The Healthcare Industry

Technological Advancements in The Medical Field That You Should Keep An Eye On

mHealth Apps And Digital Doctors: The Future Of The Healthcare Sector?

EHR For Rural Hospitals: Criteria And Access

How Big Data Can Be Used To Prevent Fatal Heart Attack

4 Top Reasons Why App Developers Love Apple Health Records API

Should Healthcare Care About Branding?

How can Healthcare Professionals Manage their Reputation Online

How to Handle Negative Physician Reviews and Feedback

Don’t Miss to Consider These 4 Digital Health App Trends

Technological Advancements in The Medical Field That You Should Keep An Eye On

5 Important Things To Expect From Medtech In 2019

Here’s How IT And Healthcare Go Hand In Hand

5 Important Things To Expect From Medtech In 2019

Here’s How Augmented Reality For Healthcare Can Create Major Benefits

The Reprocessed Medical Devices Industry: A Value-Adding Conundrum

Forces Driving The Growth Of Wearable Medical Device Market

5 Important Things To Expect From Medtech In 2019

Here’s How IT And Healthcare Go Hand In Hand

3 Ways The Internet Can Make Healthcare More Accessible

Here’s How Augmented Reality For Healthcare Can Create Major Benefits

Noted Endocrinologist Indicates Testosterone Therapy Could Minimize Bone Loss

Top Tips To Prevent Lung Cancer And Keep Your Lungs Healthy

How Machine Learning Is Shaping The Future Of Precision Medicine

Are Cybersecurity Threats The Main Hurdle For Big Data In Healthcare?

Anti-Osteoporosis Therapy Is Gaining In Popularity—Here’s Why

How to Help Someone Overcome Drug Addiction

Here’s How To Choose Eyeglasses That Best Suit You

7 Important Health-Related Reasons To Burn Excess Fat

Top Three Essentials for General Health Care during Pregnancy

Can Artificial Intelligence Diagnose Illnesses Better Than Other Methods?

The Complicated Rise of Interventional Cardiologists

How Big Data Can Be Used To Prevent Fatal Heart Attack

Peripheral Vascular Stenting to 2020

Living Alone When You’ve Been Diagnosed With Alzheimer’s

A Guide To Healthy Aging And Happier Golden Years

10 Early Dementia Signs You Need To Be Aware Of

Understanding Alzheimer’s Disease: What’s Next? [Infographic]

7 Important Health-Related Reasons To Burn Excess Fat

The Weight Conscious Doctor: Why Sensitivity Matters

Top 5 Reasons Why you’re Not Losing Weight on Your Diet

Starting a New Eating Plan? What you Need to Know about Macro and Micronutrients

What Is Scoliosis? 4 Ways To Treat It

Do it like Disney: Developing Orthopedic Centers of Excellence

Lessons on Building a Great Ortho Team from The Avengers

What Orthopedic Patients Want this Holiday Season

Radiology as an Enterprise Model for Collaboration

Relationship Between Clinical Decision Support Systems (CDSS) & Radiology Must Evolve

Diagnostic Reading #33: Five Must-Read Articles from the Past Week

2015 CPT Coding Changes and Your Radiology Practice

7 Important Health-Related Reasons To Burn Excess Fat

Holistic Medicine vs. Western Medicine: What You Should Know In 2019

6 Important And Powerful Benefits Of Custom Foot Orthotics

Top Three Essentials for General Health Care during Pregnancy

7 Things In Your Home That Could Be Making You Sick

5 Ways to Maintain Healthy Iodine Levels

10 Ways to Maintain a Healthy Lifestyle