Access to a lot of data can be a sort of power, and with great power comes great responsibility.
Medical information is considered by many to be important personal data that should be kept private. We might freely share our birthdays, relationship statuses, and other details on social media, but most of the time we like to keep our health statuses to ourselves. This is one of the reasons why the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was passed.
HIPAA was primarily written to ensure that all citizens can get access to medical insurance. But as its name suggests, it also seeks to hold medical institutions accountable in cases of abuse and theft of personally identifiable information. Today, it is highly risky to transmit this kind of data over unsecured networks. If you are a doctor, dentist, or nurse, you must be able to use a HIPAA-compliant messaging system in order to communicate with patients.
What a HIPAA Compliant Messaging System Can Do
Losing your smartphone is one of the biggest inconveniences we can experience nowadays. But more than that, it can be very dangerous when you consider all of the data on it that can now fall into the wrong hands. To protect the personal health information of patients, medical practitioners are legally obligated to use a messaging system that must be able to do the following, among others:
1. Secure messages via special codes
Even non-medical email inboxes are safeguarded by passwords; messages containing personal medical data should be protected all the more. This is a must because, under HIPAA’s Security Rule, electronic protected health information should be “protect(ed) against reasonably anticipated threats to the security or integrity of the information.”
2. Encrypt photos
A lot of medical data is stored in photos. This can be in the form of test results or photos taken for visual examinations. Now that a lot of consultations are performed online because many patients can’t physically visit their doctors, a lot of confidential photos are transmitted to medical institutions. This calls for more security for images so that they are as tightly protected as text messages, and thankfully, this is one of the obligations mandated by HIPAA.
3. Delete information in case of loss
The portable nature of smartphones and similar devices means there is a high possibility of loss. If such devices contain a lot of important information, it is not enough for that information to simply be password-protected. It must be possible to issue the command for permanent deletion remotely.
Security Is a Responsibility
It is everyone’s responsibility to take care of their own information, because when we do not, we open ourselves to the dangers of scams and identity theft. But a lot of the time, we are obliged to reveal our sensitive information to avail ourselves of services for our own benefit. When this is the case, the burden of security is passed to the trusted institutions.
When you are communicating with your health practitioner, ensure that information is passed only through secure channels. This is your right. When you are a medical worker caring for a patient, this is also your legal responsibility.