Most every topic imaginable has a report, think tank, or field study attached to it. That is just the way it is. “Sophisticated” technology will be necessary to make sure that patient records are unique. Many moons ago when I was active in IT, I was always taught to normalize data by creating rules to stop most bad data from entering the system. Errors such as leading a required field blank or a Social Security Number not entered should NEVER happen. The fix is simple, make the fields required, and stop processing until they are filled and properly formatted. In the 2016 version of the web, this can happen with web-based, app-based, or other forms, and it is a no-brainer. Patient name misspellings cannot be eliminated totally, but greatly reduced if a simple crosscheck query of name fields that correspond with SSN numbers or other information that can verify results. The report wants to make it sound or in practice be harder than it really is, but that is why they get “the big bucks”. “Creating policies and procedures for front-end and back-end staff to follow is foundational for the overall data integrity process” (Katie Dvorak, 2016, para. 8).When you hang around any industry long enough, what is old is new again to different generations.
Katie Dvorak. (2016, April 20). Report: Providers must adopt sophisticated tech, stronger policies to prevent duplicate patient records. Retrieved April 21, 2016, from http://www.fiercehealthit.com/story/report-providers-must-adopt-sophisticated-tech-stronger-policies-prevent-du/2016-04-20
After all of the recent issues with Ransomware and other cyber-attacks in the healthcare field, paying attention to the details can be overlooked at your peril. In my home state of Alabama, a laptop was stolen from a vendor to CVS Health. This laptop, for some unexplained reason, had Protected Health Information (PHI) on it. Of course, it was not encrypted, as per CVS network policy, so somebody had a field day with people who used a certain Pharmacy in Shelby County (Birmingham South Suburban). Their so-called private information was not, and now the company has to inform those on it, and presumably make amends for this.The laptop contained information about customers who have had prescriptions filled at the CVS store at 8370 Highway 31 in Calera, the company announced Monday. The laptop was stolen from the vendor and reported to the Indianapolis police department (Kelly Poe, 2016, para. 2).Interesting tidbit here is that it was reported to a police department over 500 miles away from the “scene” of the crime. A later version of the story said it happened at the unnamed vendor’s locale, which is not the CVS in question.
- This has HIPAA written all over it.
- Ignorance is not bliss.
- Compliance is not limited by company size.
Kelly Poe. (2016, April 18). Alabama CVS’ patient information at risk after laptop stolen. AL.com. Shelby County AL. Retrieved from http://www.al.com/business/index.ssf/2016/04/patient_information_at_risk_af.html