It has been reported that a former employee at an upstate university hospital accessed 1,216 confidential patient records between November 2016 and October 2017. According to the hospital, the records are not thought to have been misused, redirected or printed by the former employee, but this cannot yet be confirmed until it has been fully investigated which may take some time.
Unfortunately, internal incidents like this are becoming more frequent and organizations are under increased pressure to demonstrate they have the capability to quickly identify when and how any data breaches may have occurred and what remedial action they have taken in response. In the case of the Healthcare sector there is generally a higher volume of printing, copying and scanning of paper based documents which makes monitoring of these activities and real-time identification of a possible unauthorised activity an important factor in ensuring relevant compliance.
If the university hospital had a robust DLP (Data Loss Prevention) strategy in place, including a document management solution to monitor, track, and even prevent confidential material from being printed, it could have provided the university hospital with an immediate notification of any unauthorised printing of sensitive data. That would have enabled them to manage the situation in a timely and more effective manner, saving resource, time and cost.
Craig Hospital in Colorado, a world renowned rehabilitation hospital, has managed to enhance compliance with HIPAA (The Health Insurance Portability and Accountability Act), through implementing FollowMe® by Ringdale to provide full management, tracking and security capabilities.
In addition, they have also seen dramatic productivity improvements, enabling staff to spend more time serving patients’ needs.