Thoughts on football … and protecting patient confidentiality

As we turn to football season, the recent case of Jason Pierre Paul shows how quickly the wrong information can fall into the wrong hands – and just how devastating this can be.
By

Now that summer is over, the kids are back in school, and the football season has officially started, our thoughts naturally turn to … protecting patient confidentiality.

Huh?

Wait, we can explain. Earlier this summer, a star player on the New York Giants, Jason Pierre Paul, had an unfortunate fireworks accident that resulted in the amputation of his right index finger.

Yet as excruciating as this sounds, in many ways, the pain is really just beginning. When you look at the full details, you see that this case actually represents a major – and high profile – data breach of a patient’s confidential information, and a possible HIPAA infraction. With tens of millions at stake, it is no laughing matter.

 

The right to privacy

Consider the details. The news of Paul’s injury first broke the day after this accident, when a hospital worker reportedly told a friend, who then posted this news to Twitter. Rumors then circulated online for several hours before news organizations were able to confirm the injury.

A Forbes article then connected the consequences of this leak. “Paul definitely suffered immediate professional damage, even before the extent of the injury was known. The Giants pulled a long-term $60 million contract offer as they attempted to get more information. ‘Given the timing of the event and the apparent judgment displayed, the Giants do not believe a long-term offer is in the best interest of those involved at this point,’ NFL.com dryly reported —and team officials flew to Florida to attempt to meet with Pierre-Paul, who’s currently unsigned.”

ESPN then got involved when football beat reporter, Adam Schefter, sent an image of the Paul’s medical records as proof of his “scooping” the story. Yet the release of a patient’s information without their consent represents a HIPAA violation. (Ultimately, Schefter will not face any sanctions because HIPAA does not cover members of the media.)

This led to a major controversy and bad press for the hospital, too. Jackson Memorial Hospital was forced to conduct a full-scale investigation into the allegations of an employee leaking Paul’s protected patient information. Between 50 to 100 employees could have had access to the information sent to Schefter, including nurses, physicians, a pharmacist, a dietician, several operating-room nurses and hospitality employees. At this point, the employee responsible for the leak has not been found, but the hospital vows to take full disciplinary action when it does, up to termination. Further, the hospital could face costly fines and be required to dedicate additional resources to internal security and process audits.

What makes this even more painful is the fact that this whole situation could have been avoided in the first place. For example, Nuance capture and workflow solutions could have helped the hospital protect patient privacy with technology such as authorization, user authentication, encryption, and secure output. More, built-in audit trails could help the hospital track all workflow activities, so it could easily see who printed or scanned the document.

If you are still wondering if you’re doing all you can to secure patient data and other confidential information, see how Nuance solutions can help gain control of existing processes to reduce the risk of data loss and improve compliance efforts.

Nuance document imaging solutions for healthcare

Nuance document imaging solutions help healthcare organizations gain control of patient information

Learn more

Tags: , , , , ,

Chris Strammiello

About Chris Strammiello

Chris Strammiello directs the worldwide Marketing and Global Alliances for Nuance’s Document Imaging Division. Under his leadership, the division transformed from solely a desktop software focus to the document imaging industry's most complete product portfolio of desktop, enterprise and OEM offerings. Strammiello has played a strategic leadership role in the merger & acquisition and integration strategies behind Nuance adding eCopy, XSolutions and Equitrac, helping the business unit quadruple its annual revenue. Previously, Chris was Director of Product Management for Nuance's Productivity Division where he successfully drove growth and expansion of speech and imaging technologies. He came to Nuance in 2000 from Xerox Corporation where he held a variety of marketing and strategy positions. Chris holds a B.S. in Marketing from the University of Connecticut.