In an interesting piece posted over the weekend at The Health Care Blog, Dr. David Do described a recent reported data breach by the Oregon Health & Science University. The event, which was reported to patients at the end of July, was triggered when OHSU administrators discovered that medical residents were storing patient records in Google Drive, a free, cloud-based document storage platform. While the 3,000 or so patient records discovered to be stored in the cloud were not actually “breached,” regulatory requirements under the HIPAA/HITECH Breach Notification Rule required administrators to notify all of the patients affected.
As Dr. Do notes, the incident underscores one of the greater issues present in the practical application of healthcare IT: despite the impressive mix of EMRs and other health-related IT tools on the market today, the very basic needs of healthcare providers still remain unfulfilled. One such practical need is the ability for healthcare providers to safely collaborate with one another electronically. As EMR systems continue to neglect the need for this collaboration among healthcare provider teams, the very same providers will look to alternative methods to satisfy the needs of their patients. And as a compliance officer or a CIO, by the time you find out that your employees are using unapproved mass market solutions, it’s usually too late.
Free cloud-based storage tools such as Google Drive or Dropbox are remarkably usable and convenient. I happen to use both on a regular basis to share documents across devices and with different people. However, despite the practical uses of these products, they were not designed to share highly sensitive data such as PHI. Moreover, when a patient record gets uploaded to the server of a third-party provider, the data has gone off hospital premises and into the custody of a de facto business associate with no BAA in place. Show me someone who has gotten Google to enter into a BAA, and I’ll show you a liar.
Here’s the bottom line: the providers at your facility have a deep thirst to use electronic tools to share patient data in a laudable effort to improve care for their patients. Given the inadequacy of existing EMR systems to provide this ability, your providers are going to find one way or another to assist with this workflow. As someone in charge of your information systems or compliance program, it’s much better to vet out the possible tools for them to use on the front end than deal with the potential data breach on the back end.
Krishna Kurapati is the Founder and CEO of QliqSOFT. He has more than two decades of technology entrepreneurship experience. Kurapati started QliqSOFT with the strong desire to solve clinical collaboration and workflow challenges using artificial intelligence (AI)-powered digital technologies across the U.S. healthcare system.
Engaging Patients and Connecting Care Teams Through Interactive Digital ConversationsLearn More
Discover how digital platforms are revolutionizing community health centers (CHCs) by alleviating staff burnout through automated messaging, customizable patient engagement, and care coordination. By leveraging chatbot-based digital automation, CHCs can reduce manual tasks, increase patient satisfaction, close gaps in care, and improve staff work-life balance. These platforms enable secure texting, virtual visits, and efficient communication, ensuring patients receive timely and personalized care while allowing staff to focus on patient needs and streamline workflows.
Discover the significance of conversational AI in healthcare as it replicates natural interactions between humans and machines, offering personalized and interactive patient experiences. Healthcare providers benefit from automating administrative tasks, answering queries, disseminating information, tracking symptoms, and analyzing clinical data. Successful implementation requires prioritization, agility, measurement, expansion, realistic expectations, and choosing a results-oriented partner.
During their search for a full telemedicine solution, FCN leaders discovered that QliqSOFT brought to the table all types of mission-critical digital patient communications. Though hesitant initially, FCN leaders “decided to take a leap of faith,” Rocha said, explaining that “terms like chatbot and AI made people nervous.”