Dealing with sensitive information — both paper and electronic — and keeping it out of the wrong hands is a major challenge for healthcare providers. The Healthcare Professionals Section spoke with Dr. Moshe Lewis, a physician and pain management specialist in San Francisco, California, to discuss practices healthcare workers can follow to reduce risk of exposing private data, and the roles Notaries may play in the future in privacy protection.
What are some basic steps healthcare professionals can take to better protect documents with sensitive information?
I think one of the biggest challenges we have is that the healthcare industry is a couple of steps behind other industries when it comes to securing data. We need to encourage offices to rely less on paper and move more toward electronic records. Having paper documents floating around the office is a security vulnerability — for example, if a fax comes in, it may be handled by office workers, doctors or nurses and can easily be lost, misfiled or destroyed. What makes it more complicated is that different workers in a healthcare setting have different levels of acceptable access to information. But at the same time, often staff members see information they shouldn’t. We need to carefully track where paper documents are routed in a healthcare office setting.
What will the Notary’s role be in a paperless work environment?
Just recently, I was locked out of a database due to a password issue — to regain access, I had to submit notarized documents verifying my identity. Notaries will play an important role in verifying identity when accessing information, even as we move to electronic records. We still need that human element. Having Notaries as part of the identification process provides an additional layer of security and helps weed out people trying to access information improperly.
What practices can Notaries and other healthcare professionals adopt to help protect patient information?
One is don’t casually share or gossip about any patient’s information you come across in your work. An example of this is information about celebrity medical patients — it may be exciting to find out a celebrity or other well-known individual is a patient at your location, but you shouldn’t try to access inappropriate information about them or tell other people who have no need to know. While healthcare professionals may come across such information in the normal course of their duties, remember that you wouldn’t want strangers prying into a close family member or friend’s medical condition, especially if it was serious. Imagine if someone was talking about your mother or spouse instead of a celebrity. Patients are people regardless of their status; we have to protect their privacy no matter who they are.