• E-mail
• Print
• RSS

Implement safeguards to prevent medical identity theft

HIM Connection, February 3, 2009

Want to receive articles like this one in your inbox? Subscribe to HIM Connection!

You’ve undoubtedly seen the headlines and silently hoped it wouldn’t happen to your organization. The stories are not uncommon—unscrupulous attorneys who buy copies of medical records from hospital employees, theft or loss of laptop computers containing protected health information (PHI), theft or loss of backup tapes with sensitive health information, or medical records found in dumpsters or alongside a busy freeway after they’ve blown out of a truck transporting them to a recycling facility.

As an HIM director and/or privacy officer, you know it’s impossible to protect against every possible incident that may occur. But what you can do to help prevent identity theft in your organization? First, ensure that safeguards are in place to protect PHI. And then implement an ongoing education and awareness campaign for your work force to heighten privacy and security awareness to prevent, identify, and respond to identity theft.

What should those safeguards include? Consider conducting criminal background checks on all members of the work force. Establish policies to address destruction, disposal, and reuse of media containing PHI. Establish consistent procedures to verify the identity of anyone requesting PHI.

Editor’s note: This article was adapted from HCPro’s book, The Privacy Officer’s Handbook.

Want to learn about other safeguards? Sign up for HCPro's March 11 audio conference "Prevent Identity Theft With Red Flags: Develop A Compliant Program For New Federal Mandate."

Want to receive articles like this one in your inbox? Subscribe to HIM Connection!

• Comment
• E-mail to a Colleague
• Print
• RSS
• Archive

Comments