Contact Us

Dublin Office

P: +353-1-440-2386

View more

Vitro Software's eHealth Insights

eHealth Insights @ Vitro Software

 

RECEIVE INSIGHTS BY EMAIL

Enjoy Vitro Software's Insights series where we provide views, experiences and opinions from both our own specialist eHealth staff and guest contributors. We cover a range of topics such as; Clinical Information Systems (CIS), Electronic Medical Records (EMR), integration and interoperability, cloud hosting, change management, user adoption and more.

 

Patient record security is everyone’s job

Published on Monday, June 25, 2018

Patient record security is everyone’s job

Growing a culture of privacy

Within the first few weeks of Australia’s legislation around Notifiable Data Breaches (NDB) a total of 63 notices were received, and with the highest percentage occurring in the healthcare sector.

Australia’s Notifiable Data Breaches scheme

Australia’s NDB scheme came into effect on 22 February 2018 – applicable to government agencies, as well as businesses and non-profit organisations with an annual turnover of more than $3 million. Smaller business such as health service providers, credit reporting bodies and businesses dealing in personal information are also included in the scheme, which is governed under part IIIC of the Australian Privacy Act 1988.

The NDB scheme requires such agencies and organisations to notify individuals whose “personal information is involved in a data breach that is likely to results in serious harm” – as soon as possible after such a breach. According to ZDNet, the technology news website, examples of data breach include “when a device containing customers' personal information is lost or stolen, a database containing personal information is hacked, or personal information is mistakenly provided to the wrong person.”

The schemes impact

Within the first few weeks of the legislation’s introduction, the Office of the Australian Information Commissioner (OAIC) received 63 notices of data breaches – the highest (24 per cent) occurring in the healthcare sector. Acting Privacy Commissioner Angelene Falk said that half of the breaches were due to human error.

Human error in the use of electronic medical records was also to blame for the death of a 54-year-old following routine surgery when an anaesthetist accidentally prescribed the patient medication that was meant for another patient. Despite the 22 alarms that were triggered by the system, manual overrides requiring password input allowed the clinician to make the fatal mistake.

Embracing a culture of security

Ensuring patient data is protected comes down to the individual in the organisation. It only takes one person to open a corrupted email attachment; one person to leave their unencrypted laptop on the train; one person to save a file with sensitive data to the wrong server on an organisation’s website.

It also takes a culture of security to teach employees to consider how their every move could impact on patient security. The OAIC has developed guides for implementing privacy governance through data breach risk reduction guides designed including the Privacy Impact Assessment and Information Security Risk Assessment.

Something else to keep in mind is the kind of patient information an organisation shares in its marketing and promotions. Connecting to the community through patient stories can be a wonderful way of gaining support and reaching your target market. However, using images or text with sensitive or secure information such as medications, Medicare number, address details, and the like. The Australian Digital Health Agency has a Digital Health Cyber Security Centre, with advice on individual and organisational responsibilities in patient information security.

Secure healthcare information exchange

Health Level Seven International (HL7) supports the clinical practice, management, delivery and evaluation of health services through framework and standards for electronic health information. The Australian chapter assists in developing the local standards, along with facilitating the skills and knowledge of users and the associated community. Vitro Software is proud to have our director Berne Gibbons as a board member of HL7 Australia to help contribute our organisation’s expertise in overseeing the collaboration between software vendors and healthcare organisations in improving interoperability and secure healthcare information exchange.

Technology, such as Vitro’s Electronic Medical Record has been designed to support healthcare organisations and their employees to reduce the likelihood of data breeches. Vitro is built around the needs of each unique healthcare organisation, which means that it retains the most intuitive, familiar and streamlined user experience while also meeting the needs of the healthcare organisations data privacy needs.

EMAIL JEFF  

Jeff Smoot - CEO Australia

Jeff has extensive experience in Healthcare, previously working for companies such as Allscripts, Cerner and Fujitsu Technology Solutions. Jeff was awarded a BSBA by the University of Denver and an MBA from the Loyola College in Maryland in the USA.

LinkedIn: https://au.linkedin.com/in/jeffrey-smoot-5aa23917

Comments (0)Number of views (5845)

Author: Jeff Smoot

Categories: Insights

Tags: HL7 , Security & Data Breaches

Print

Theme picker

About Us
Vitro Software is a leading international technology company that provide software & services that drive efficiencies and quality for hospitals and healthcare organisations.

Its revolutionary software Vitro enables healthcare providers to move from paper processes to electronic processes while maintaining their original look and feel.
Recent News

Theme picker

Contact Us
CAPTCHA image
Enter the code shown above in the box below.
Copyright © Vitro Software Holdings DAC. All rights reserved.

follow social icon :