Privacy and Security: Joke or No Joke?

The Wall of Shame welcomes Sutter Health. Another computer with unencrypted protected health information on over 4 million patients – gone. Now, those guys are pretty smart, so why don’t they encrypt all computers with PHI? One of life’s persistent questions. I mean, I can accept the fact that a health plan operator like Cignet Health might have issues with getting a grip on HIPAA compliance, but Sutter Health?What were they thinking? Can’t happen here? Encryption is a drag? It’s an easy way to avoid major egg-on-face and to avoid spending significant coin on PR, credit reporting services, and potentially on court judgments — all in addition to significant administrative fines payable to HHS and state regulators.

So the federales are piloting the HIPAA audit program. I know it’s required by the HITECH Act, but who believes that it will motivate behavior change? Anyone? Sutter Health was clearly not motivated to seek a safe harbor that would have made the loss of 4 million patient records a non-event. I know encryption can be a drag, but I’m not a techie. If you are, I invite you to educate me (and the other non-techies out there) on the question of how miserable it really is to have to deal with encrypted data; if you’re really a techie, write a program to enable light-touch encryption that doesn’t interfere with use of data.

READ

Why People Suffering from Chronic Pain Should Move to States that Legalized CBD

Whether or not encryption is miserable, we should be asking: Why is this data on a barely secured computer (password-protected desktop) in the first place? Shouldn’t it be stored on a server that stays in a secure facility, or in a secure private cloud?

Furthermore, as data loss incidents like this keep happening — even among other industry leaders (see, e.g., Mass General) — perhaps we need a new framework for thinking about access to health information. If we knew for sure that employment and insurance decisions would not be affected by the availability of otherwise private health record information, perhaps we would be more sanguine about their release. Perhaps government resources would be better spent on beefing up education and enforcement in those arenas (vs. auditing and enforcing compliance with privacy and security standards).

David Harlow
The Harlow Group LLC
Health Care Law and Consulting

healthcare law security breach Sutter Health

Author

David Harlow

DAVID HARLOW is Principal of The Harlow Group LLC, a health care law and consulting firm based in the Hub of the Universe, Boston, MA. His thirty years’ experience in the public and private sectors affords him a unique perspective on legal, policy and business issues facing the health care community. David is adept at assisting clients in developing new paradigms for their business organizations, relationships and processes so as to maximize the realization of organizational goals in a highly regulated environment, in realms ranging from health data privacy and security to digital health strategy to physician-hospital relationships to the avoidance of fraud and abuse. He's been called "an expert on HIPAA and other health-related law issues [who] knows more than virtually anyone on those topics.” (Forbes.com.) His award-winning blog, HealthBlawg, is highly regarded in both the legal and health policy blogging worlds. David is a charter member of the external Advisory Board of the Mayo Clinic Social Media Network and has served as the Public Policy Chair of the Society for Participatory Medicine, on the Health Law Section Council of the Massachusetts Bar Association and on the Advisory Board of FierceHealthIT. He speaks regularly before health care and legal industry groups on business, policy and legal matters. You should follow him on Twitter.

View all posts by David Harlow

What Would Medicare For All Mean For Healthcare Entrepreneurs?

Here Are the Best Ways to Promote Your Business at the Next Health and Wellness Expo

How to Find the Best Hosting Provider for Your Medical Website

Will The Surge In Celebrity Surrogacy Change The Business Of Fertility?

What Would Medicare For All Mean For Healthcare Entrepreneurs?

Entrepreneurs Must Integrate Mission-Driven Strategic Investors

6 Healthcare Financial KPIs You Need for 2017

Determining the ROI on Aquatic Therapy in Your PT Practice

What Would Medicare For All Mean For Healthcare Entrepreneurs?

4 Strategic Approaches To Reducing Hospital Errors

Think Patients Are Bad At Communicating? Rethink Your Systems

8 Of The Most Bizarre Medical Malpractice Cases Out There

7 Tips To Make Sure Your Medical Practice Is Found Online

Healthcare Blockchain Technology: The Good, Bad, And Terrible

How Doctors Can Use Mobile eHealth Apps To Monitor Their Patients

Here’s The Real Truth About Online Medical Services

How Cryptocurrency Benefits Medical Billing Services

Why Blockchain In Healthcare Could Be A Game Changer For EHRs

Here’s Why The Lab Automation Market Is Growing

8 Of The Most Bizarre Medical Malpractice Cases Out There

How Doctors Can Use Mobile eHealth Apps To Monitor Their Patients

6 Ways Mobile Applications Bring Value to Patients and Doctors

The Role Of The Internet Of Medical Things In Healthcare

All The Ingredients You Need For A Successful Health Insurance App

Technological Advancements in The Medical Field That You Should Keep An Eye On

mHealth Apps And Digital Doctors: The Future Of The Healthcare Sector?

EHR For Rural Hospitals: Criteria And Access

How Big Data Can Be Used To Prevent Fatal Heart Attack

7 Tips To Make Sure Your Medical Practice Is Found Online

4 Top Reasons Why App Developers Love Apple Health Records API

Should Healthcare Care About Branding?

How can Healthcare Professionals Manage their Reputation Online

Healthcare Blockchain Technology: The Good, Bad, And Terrible

5 Trends That Are Impacting The Healthcare Industry

How Doctors Can Use Mobile eHealth Apps To Monitor Their Patients

Here’s The Real Truth About Online Medical Services

5 Reasons Why Medical Device Machining Should Be Done By Professionals

Big Data: How Smart Medical Devices Can Change the Future of Healthcare

People Suffering From Hearing Loss Can Be Helped By Technology

Revolutionary Therapeutics For Neuroendocrine Carcinoma Are Underway

9 Medical Technologies Revolutionizing Healthcare

The Rise Of eHealth: Staying Relevant In The Digital Healthcare Paradigm

Here’s How Millennials Impact Clinical Research And The Health Sector

The Revolutionary Advent Of Precision Medicine In Cancer Treatment

Why The Psoriatic Arthritis Treatment Market Is Set To Grow

What To Expect At A Cannabis Vape Lounge

How Self-Determination Theory Can Improve Medical Students’ Motivation

How Medical Advancements Could Change Hepatitis B Diagnoses In 2019

Here’s Why The Lab Automation Market Is Growing

Can CBD Oil Lower Your Weight Or Improve Your Cholesterol?

Try These Delicious And Healthy Alternatives To Junk Food

Take These Important Steps To Fight Periodontal Disease

Health Risks Associated With Substance Abuse To Know About

Is It Time to See a Cardiologist?

Can Artificial Intelligence Diagnose Illnesses Better Than Other Methods?

The Complicated Rise of Interventional Cardiologists

How Big Data Can Be Used To Prevent Fatal Heart Attack

Take These 4 Important Steps For Healthy And Happy Aging

Living Alone When You’ve Been Diagnosed With Alzheimer’s

A Guide To Healthy Aging And Happier Golden Years

10 Early Dementia Signs You Need To Be Aware Of

How a Meal Delivery Subscription Service Can Help You Reach Your Weight Loss Goals

7 Important Health-Related Reasons To Burn Excess Fat

The Weight Conscious Doctor: Why Sensitivity Matters

Top 5 Reasons Why you’re Not Losing Weight on Your Diet

4 Terrible Injuries That Can Happen Because of a Motorcycle Accident

Baby Boomer’s Guide to Dealing with Knee Problems

The Woes Of Modern Posture Struggles And Poor Furniture Support

What Is Scoliosis? 4 Ways To Treat It

Radiology as an Enterprise Model for Collaboration

Relationship Between Clinical Decision Support Systems (CDSS) & Radiology Must Evolve

Diagnostic Reading #33: Five Must-Read Articles from the Past Week

2015 CPT Coding Changes and Your Radiology Practice

Can CBD Oil Lower Your Weight Or Improve Your Cholesterol?

Try These Delicious And Healthy Alternatives To Junk Food

Take These Important Steps To Fight Periodontal Disease

Health Risks Associated With Substance Abuse To Know About

Try These Delicious And Healthy Alternatives To Junk Food

Important Key Benefits Of Turmeric To Know About

Here’s How To Trick Yourself Into Exercising More And Staying Motivated