HIPAA Blog

[ Wednesday, April 20, 2022 ]

 

 How to stop snoopers: Humans are naturally curious, and most people are curious about their friends, family, and peers.  That natural impulse may be a major contributor to of one of the biggest risks HIPAA covered entities face to data security: insiders accessing information improperly, a lot of which is nothing but pure snooping.  

However, a new study published in JAMA Network Open has found an effective way to stop snoopers after the first bite: an email telling them to stop.  The study looked at all non-care-team access to records at a large academic medical center over a 6-month period.  Half of the offending snoopers got an email telling them their access was improper and warning them not to do it again; the other half got no warning.  Only 2% of the warned group went on to snoop again, but 40% of the control group resumed snooping. 

That sounds like an extremely effective strategy.  I've always been in favor of rehabilitative-but-highly-visible responses to HIPAA violations: people make mistakes and shouldn't be whacked too hard for one-off judgment errors, but showing a serious response to even minor HIPAA issues can set a good tone for the organization.  This study seems to back that up.


Jeff [9:27 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template