Most of us go to great lengths to keep our homes safe and secure. For some this may mean a locked front gate, an alarm, security lights, or maybe even cameras to monitor your property remotely. For your valuables the level of protection may be increased by keeping them locked away in a safe. The success of you protecting your home is dependent on all layers of protection being in place, and working. If you have an alarm – make sure it is on, and don’t leave the front door open!
Now ask yourself this question, do you follow the same logical steps when it comes to protecting patient information?
Patients rightly expect that we will respect and protect the information they provide to us. With rapidly changing technologies and external threats, our ability to maintain the privacy, confidentiality and security of this information is challenged. Breaches of health information can have serious personal and reputational consequences for both patients and providers in addition to a financial and organisational impact.
Cyber security is a very contemporary issue for all organisations – large and small. At Counties Manukau Heath we work diligently within our organisation, across the region and in partnership with healthAlliance to manage the risk. Cyber issues are also being raised at a governance level with Boards to ensure that organisations such as ours have appropriate systems in place. In this context, individuals within our organisation also have a responsibility to take appropriate steps.
Using the ‘In the house’ analogy, each of us as users are responsible to ensure that the front door remains locked, with healthAlliance maintaining all other layers of security. The success of this security infrastructure is dependent on each of us to be vigilant and alert.
As progress continues towards the development of a national infrastructure for electronic health information, security of electronic data becomes increasingly important. Firewalls, strong security protocols, antivirus programming, and password protections are essential. Similarly, attention to data security must not stop at the workplace. Health care professionals should follow secure procedures when using portable electronic devices and home computers.
Last week doctors and nurses at Middlemore Hospital were asked to participate in a 4-6 week trial using tablets at the bedside instead of using a ward computer. While this is an exciting innovation that provides opportunity for clinicians to spend more time with their patients, protecting patient privacy is a priority. For that reason, tablets are password protected and information remains secure on the hospital network.
Ensuring the integrity of the health information protection process is a shared responsibility of all health care providers and is vital to the trusting relationship with patients. If you are not familiar with the Safe IT Practices Policy I recommend you give it a read. You can also remain vigilant by following the tips below:
- think before clicking on links or attachments from sources you don’t know, this is critical to ensure that we don’t introduce viruses or malware into the system
- think before reacting to any unusual request from someone you know that was not requested in-person
- do not send any confidential information to your personal email address
- don’t use public WiFi zones to send sensitive information
- protect your password – don’t give it to others when you are away
- don’t store patient information on your shared drive
- use an encrypted USB stick
- reset your password every 90 days or earlier
- don’t leave personal, sensitive or confidential information lying around.
And a helpful rule of thumb – if you receive an email or attachment that looks suspicious or if you are unsure, get in touch with Leanne Elder, Deputy Chief Information Officer via email: Leanne.Elder@middlemore.co.nz
Protecting patient information is a team effort and the more vigilant we are, the better equipped we are to protect ourselves and the people under our care.