The Accidental Breach

We don’t have any hard numbers, but the feeling amongst our analysts is that accidental breach of PHI is likely by far the most common type. Accidental breach, you say? Just what is that?

An accidental breach should not be confused with a negligent or breach, although the lines indeed blur. For instance, throwing a printout of a patient’s lab order in the trash instead of shredding it would be a negligent breach, even though the person who did so might say “It was an accident!”

I was recently a speaker for a dental study club. The topic of my talk was “How they Hack”, where we followed the path often used by hackers and criminals that results in a breach. After my time was done, the next portion of the study club was an overview of a case that several of the attending dentists and orthodontists had worked on together.

A PowerPoint presentation ensued, and many of the slides contained PHI! Had the study club been a completely closed session with only dental professionals, this would not have been an issue at all; however, there were both vendors and food service staff present in the room! This was technically an accidental breach.

Things like this will happen, and no regulation, policy, or procedure will stop them 100%. So what can we do as both healthcare and technology specialists? Learn from our mistakes and ask questions. In particular, if there is any doubt, get a second opinion and a second set of eyes on any situation that involves or has the potential to involve patient data. Also, don’t sweat the “Little Stuff”; technology and security changes in the coming year will give us all plenty of “Big Stuff” to worry about.