Professional Documents
Culture Documents
5 Ways To Maintain Patient Confidentiality
5 Ways To Maintain Patient Confidentiality
The digital world has revolutionised patient confidentiality. How can you hope to protect information with
the growing dependence on online portals and device connectivity?
4. No mobile phones
An easy way to eliminate possible threats to patient confidentiality is to strictly limit or remove mobile
phones from patient areas. This ensures that no one could either maliciously or accidentally record or
photograph private records or information. According to research by Imperial College healthcare NHS trust
in London 65% of doctors used SMS to communicate with colleagues about a patient, opening up concerns
about privacy.
This can sometimes be a difficult rule to enforce given the proliferation of digital devices. However,
regularly reminding staff and patients why it is their best interests can help to reduce any resistance.
Strictly controlling the use of mobile phones helps to reduce the possibility of information theft.
health of fellow employees or family members out of concern for their well-being. There are reports
of health care workers accessing health records to determine the possibility of sexually transmitted
diseases in colleagues with whom they were having a relationship—or in people with whom former
spouses were having relationships. Potentially embarrassing health information (e.g., psychiatric care
episodes, substance abuse, physical abuse, abortions, HIV status, and sexually transmitted diseases)
about politicians, entertainers, sports figures, and other prominent people regularly finds its way into
the media.
Threat 3: Insiders who knowingly access information for spite or for profit. This type of threat arises
when an attacker has authorization to some part of the system but not to the desired data and through
technical or other means gains unauthorized access to that data. An example is a billing clerk who
exploits a system vulnerability to obtain access to data on a patient's medical condition. For example,
the London Sunday Times reported in November 1995 that the contents of anyone's (electronic)
health record in Great Britain could be purchased on the street for about £150 (or about $230).7
Threat 4: The unauthorized physical intruder. In this case, the attacker has physical entry to points of
data access but has no authorization for system use or the desired data. An example of this threat is
an individual who puts on a lab coat and a fake badge, walks into a facility, and starts using a
workstation or asking employees for health information.
Threat 5: Vengeful employees and outsiders, such as vindictive patients or intruders, who mount
attacks to access unauthorized information, damage systems, and disrupt operations. This is the pure
technical threat—an attacker with no authorization and no physical access. An example is the
intruder who breaks into a system from an external network and extracts patient records. Threat 5 is
truly dangerous only when patient records are accessed regularly through an external network. It is
clear that most providers are moving toward the use of networking and distributed computing
technologies as they move toward electronic medical records. Threat 5 is therefore a latent problem
on the horizon. The current reliance on paper records and the preoccupation of system managers with
internal systems make threat 5 low in perceived importance and, so far, low in reported incidence.
This situation is unlikely to last past the point at which internal systems are connected to external
networks.