What Facebook Can Teach You About EHR Security

Facebook and security: these two words rarely show up in the same sentence together without loss and frustration being there too.

Through Facebook, the concept of “privacy” has changed in meaning. If you put your information in, assume it’s ready and waiting for the taking. If you use the system, assume you’ll be influenced by ads targeted by your demographics. You’ll be targeted on everything from what to buy to who to vote for.

Facebook is facing challenges through court systems around the world. Whether you follow the proceedings or not, the final outcomes will ultimately impact you too. The world is watching Mark Zuckerberg as he navigates his way through Congress, and eventually settles on how to move forward from here. How will that change how we operate online? How will that change how we communicate with the rest of the world? How will that impact the way we manage our practices, no matter how big or small?

Start by being transparent with patient data

One of the critical problems Facebook has faced over the past few years is trouble with transparency. They gathered data - arguably some of the most detailed personal data in the world - and released it just as fast without providing the details.

If you’re going to gather data from patients for use in an EHR, answer a few questions before you collect it.

  • Why am I collecting this data?
  • How much data do I really need?
  • What will I be doing with this data?
  • How will I be storing it?
  • Is the data well protected?
  • Am I staying on top of security to my best ability?
  • What’s the plan if something goes wrong?

Don’t ask these questions in the dark; talk with your employees too. Ensure that everyone who handles the EHR system understands the accessibility and limits of the system, and has access to what they truly need.

Get help for analyzing and auditing

While national support for EHRs didn’t start until President Obama’s American Recovery and Reinvestment Act of 2009, the concept goes back much further than that. As early as the 1960s, medical personnel started discussing the benefits of having industry-wide standards, and the benefits of using electronic medical information for better services.

A lot has changed over the years. And the number of changes isn’t about to slow down now. The process of regulating what we can and can’t do with data is still in its infancy. Not only will we be impacted by what’s happening right here in America, but we also have to pay attention to what’s happening around the world - the European Union’s General Data Protection Regulation from 2018 proves that.

The only way to ensure you’re protecting and securing your own data and systems is to audit them continuously, from all directions. You have a responsibility to protect your data, and to ensure you stand up to worldwide rules.

Trust is everything. If one hole exists, if one breach causes a problem within your practice, your patients could easily walk out the door.

We’re not Facebook. None of us can live up to the scrutiny that Facebook has faced in the past few years.

But we can learn from their mistakes.

For IT Strategy, Cloud Conversion, or Help Desk Services, reach out to us at Silver Linings Technology: 360-450-4759.