In a story covered on about HIPAA Breach in Healthcare IT News this week, the HHS Office for Civil Rights settled with two organizations for just under a combined $2 million this week after it was discovered that both had PHI-containing unencrypted laptops stolen. As OCR deputy director of health information policy Susan McAndrew pointed out, the large fines are meant to drive home the
point that unencrypted laptops and mobile devices pose significant risks to patients and must be corrected.The first and bigger of the two fines was levied against Concentra Health Services when it was discovered that an unencrypted laptop was stolen from one of its facilities. OCR made a particular note of the fact that Concentra, through a series of risk analyses over a period of years, had been put on notice that it was allowing patient information to be shared on unencrypted desktop computers, tablets, and mobile phones. Instead of correcting these deficiencies through a documented remediation plan, however, Concentra allowed the bad practices to continue despite the known Security Rule violations. In the end, OCR fined Concentra over $1.7 million for the breach and forced the healthcare organization to adopt a corrective action plan and work with HHS to fix the known issues.“Our message to [healthcare] organizations is simple,” McAndrew said. “Encryption is your best defense against these incidents.”
We’ve argued on this blog about how important mobile device encryption is for a healthcare facility, and the Concentra incident only bolsters our stance. That said, implementation issues are always a concern for a healthcare IT executive, which could explain why healthcare organizations are slow to adopt technologies such as Encryption and Secure Texting that could potentially take millions of dollars of risk off of the table.
Nevertheless, when the implementation is as easy as installing an encrypted mobile application on the phone and writing a policy requiring providers to only send PHI through that channel, an administrator’s job is just about done. In an age of dramatically increasing federal fines, it’s too easy to have a provider lose a mobile device and trigger a full-blown OCR investigation. Encrypt your endpoints and avoid being front page news.
Krishna Kurapati is the Founder and CEO of QliqSOFT. He has more than two decades of technology entrepreneurship experience. Kurapati started QliqSOFT with the strong desire to solve clinical collaboration and workflow challenges using artificial intelligence (AI)-powered digital technologies across the U.S. healthcare system.
Engaging Patients and Connecting Care Teams Through Interactive Digital ConversationsLearn More
Discover how digital platforms are revolutionizing community health centers (CHCs) by alleviating staff burnout through automated messaging, customizable patient engagement, and care coordination. By leveraging chatbot-based digital automation, CHCs can reduce manual tasks, increase patient satisfaction, close gaps in care, and improve staff work-life balance. These platforms enable secure texting, virtual visits, and efficient communication, ensuring patients receive timely and personalized care while allowing staff to focus on patient needs and streamline workflows.
Discover the significance of conversational AI in healthcare as it replicates natural interactions between humans and machines, offering personalized and interactive patient experiences. Healthcare providers benefit from automating administrative tasks, answering queries, disseminating information, tracking symptoms, and analyzing clinical data. Successful implementation requires prioritization, agility, measurement, expansion, realistic expectations, and choosing a results-oriented partner.
During their search for a full telemedicine solution, FCN leaders discovered that QliqSOFT brought to the table all types of mission-critical digital patient communications. Though hesitant initially, FCN leaders “decided to take a leap of faith,” Rocha said, explaining that “terms like chatbot and AI made people nervous.”