Posts

protecting-patient-data-is-challenging-for-hospitals

Protecting Patient Data is a Topmost Priority During the Coronavirus Pandemic

The last few months have been excruciating for the whole world due to the COVID-19 outbreak. Hospitals have been working tirelessly, tending to the unprecedented number of patients coming in. However, that has not stopped them from experiencing unwanted incidents like data breaches. However, even in this scenario, protecting patient data is a must. 

Protecting-Patient-Data-is-possible-with-RightPatient

An example

On March 20, University of Utah Health started notifying a number of its patients regarding a phishing incident followed by a malware attack. Back in February, the provider detected unusual activities on their employees’ email accounts. After conducting a thorough examination, they concluded that an outsider gained unauthorized access to those employees’ email accounts between January 7 and February 21.

The outsider did this by acting as a trusted source. Thankfully, the U of U Health was successful in securing the affected accounts. Some of the patient data, which was potentially exposed consisted of patient names, DOB, medical record numbers, as well as some clinical information. 

However, that was not the end of the data breach.

After detecting the phishing attack,  U of U Health found out that an employee’s machine might have contained downloaded malware on February 3. After scrutiny, the experts at  U of U Health stated that the malware potentially allowed access to parts of patient data, just like the previous one – names, DOB, medical record numbers, as well as some clinical information.

The matter is still being investigated, and however, U of U Health stated that they did not find any evidence that the affected patient data was misused. The healthcare provider is making changes to ensure that such unwanted incidents do not happen again. 

That is just one healthcare provider. There are numerous that are still facing data breaches, even during the coronavirus pandemic. The crisis makes it ripe for hackers to steal sensitive patient information, as hospitals are having a hard time dealing with the whole situation at hand.

Protecting Patient Data is a Topmost Priority During the Coronavirus Pandemic
Protecting Patient Data is a Topmost Priority During the Coronavirus Pandemic

#1 Biometric Patient ID Platform

Superior flexibility, power & ROI

Medical identity theft issues 

The hackers can steal patient data, and either use it for their purposes or sell it to other parties. The outcome is medical identity theft – someone else assumes the identity of the patients and uses healthcare services, which were initially meant for the patients. Medical identity theft causes the victims to receive shocking bills for services they never used. It can also lead to the healthcare providers being hit with lawsuits by the patients, claiming that the providers did not protect their sensitive patient data well enough. 

How are hospitals protecting patient data?

This is where RightPatient can help. With this contactless patient identification platform, medical identity theft can be prevented easily. RightPatient uses biometric data (such as iris) to store medical records along with capture photos of the patient. Later on, all a registered patient needs to do is look at the camera – RightPatient identifies the accurate medical records within seconds and provides it to the hospital staff. Even in the case of a data breach, patient records are locked with the patients’ biometric information. Thus, also if a third-party assumes the identity of the patient, the platform will immediately detect the fraudster – preventing medical identity theft and protecting patient data.

Also, it is of paramount importance that hygiene is maintained within hospitals, which is why RightPatient’s contactless identification platform makes it ideal for detecting accurate patient records during this crucial time without causing infection control issues. 

At the Becker's Conference, learn how RightPatient prevents patient fraud

At the Becker’s Conference, learn how RightPatient prevents patient fraud

The Becker’s 2017 (and 3rd annual) Health IT & Revenue Cycle Conference is only a few days away! Needless to say, we’re excited, and it’s not just because George W. Bush and Sugar Ray Leonard will be there. The conference has a great lineup of speakers, presentations, and, ahem, vendors like RightPatient that will be providing a wealth of information on a variety of important topics.

The timing of this conference could not be better considering the recent Equifax data breach, which puts over 140 million Americans at risk of identity theft. This has serious implications for healthcare, but the good news is that patients and providers can mitigate their risk with RightPatient.

Since our inception, we have always recommended Photo Biometrics with RightPatient and have never deviated from that position. This didn’t come out of left field; we are, by far, the most experienced vendor in our market segment with 15 years of experience in biometric technology. We have worked with many biometric modalities, implemented our technology in projects around the world, built some massive biometric matching systems, and generally know this stuff inside and out. That’s why we always knew what was best for healthcare and had a vision of how Photo Biometrics would be used with our platform to transform the way that patients are identified.

 

RightPatient accurately identifies patients by simply capturing their photo. At provider locations, this is critical to prevent identification errors and medical record mix-ups that affect patient safety, revenue cycle, and data integrity. With 1,000 patients dying each day from preventable medical errors and hospitals writing off millions of dollars annually from denied claims and patient fraud, health systems should have an easy time justifying RightPatient.

But, for good measure, we now have the Equifax breach. Patient fraud was already a serious issue with 2-10% of patients showing up at the ED and providing false information (I’m looking at you, frequent flyers). We’ve heard countless stories from customers before they implemented RightPatient about frequent card sharing and outright fraud that was costing them millions in annual write-offs (RightPatient has since eliminated these issues). With the personal data of over 140 million Americans now compromised, how much easier will it be for someone to obtain care, access healthcare information, or gain a medical record release under a stolen identity?

Here’s the bigger question – why deal with any of these risks at all? For a small monthly fee, healthcare providers could implement RightPatient and solve these issues. When patients interact with their providers, RightPatient captures their picture and accurately identifies them. The service is contactless (ideal for hygiene/infection control), supports mobile devices (e.g. EMTs, unconscious patients, home health visits), and the patient photos that RightPatient simultaneously captures deliver unparalleled value in various ways.

If you have a chance, stop by our booth #1003 at the Becker’s Conference to check out why RightPatient is transforming patient ID in healthcare and to learn about our vision. We look forward to seeing you there!

 

mhealth requires strict patient identificaiton

UCLA Breach Reinforces Importance to Protect Patient PHI

It’s probably unfair to say that the recent UCLA Medical Center data breach that potentially exposed the personal health information (PHI) of 4.5 million patients was a wake up call for the healthcare industry to implement tighter data security protocols. In fact, it wasn’t a wake up call at all.

Healthcare data breaches have proliferated over the last five plus years, and the Health and Human Services (HHS) public “wall of shame” list of healthcare data breaches involving 500 or more individuals is…well….let’s just say a tad crowded. Since HHS began the list in 2009, 1,265 breaches exposing the records of nearly 135 million people have made the list. Ouch. The UCLA data breach isn’t groundbreaking news, it is simply another chapter in the long novel of healthcare data breaches that have placed millions of patients at risk by exposing their PHI and in some cases, social security numbers and personal demographic information. 

Mhealth-requires-strict-patient-identificaiton-like-RightPatient

The recent UCLA data breach is a strong reminder that healthcare organizations should consider the use of biometrics such as facial or voice recognition to protect patient PHI on mobile devices and patient portals.

The UCLA breach also foreshadows rising demand for tighter security protocols to protect PHI from unauthorized access on patient portals, mobile devices, and other new touchpoints. This rise of additional patient touchpoints to access PHI has vaulted establishing tighter security controls into the spotlight beyond traditional means of authentication. History has shown that username/password-based security is inadequate on mobile devices, yet healthcare organizations continue to adopt technology that uses this method to authenticate patients. Considering the high stakes to protect patient PHI, the UCLA data breach wasn’t a wake up call – it moved the needle to protect patient PHI to Defcon 1. 

The HIPAA Privacy Rule mandates that healthcare organizations secure remote access to PHI data as a safeguard for patient privacy and to eliminate data breaches that can lead to fraud and medical identity theft. The introduction of touchpoints such as patient portals and mobile devices changes the dynamic of protecting patient PHI because it demands adopting strategies that include using modern patient identification systems yet many healthcare organizations continue to rely on antiquated security solutions.  

Healthcare organizations must now consider patient identification systems that can address accurate authentication at each and every touchpoint along the care continuum, far beyond simply implementing technology that covers patient ID at office visits. 

Accurate-patient-identification-enhances-PHI-security-RightPatient

Implementing accurate patient identification when accessing PHI from mobile devices and patient portals must balance strong security with convenience and speed, which is why technologies such as facial and voice biometrics are gaining popularity. The use of biometrics to protect patient PHI is a smart investment, especially if healthcare organizations deploy a solution that offers the flexibility to be used during hospital/office visits and on each and every touchpoint a patient now has the ability to utilize as a means to access health data. Biometric patient identification solutions offer stronger security than user names and passwords and have proven to be more efficient and convenient by eliminating the need and frustration to remember multiple login credentials.

As we experience a sharp rise in patient driven interactions within the healthcare system that offer more avenues for criminals and hackers to access PHI, it is critical that healthcare organizations implement modern identification solutions that have the ability to better protect this information. Biometrics to protect patient PHI is quickly gaining attention as a security solution that can serve this need. Although it’s impossible to determine whether or not biometrics could have helped prevent hackers from obtaining access to protected patient PHI in the UCLA data breach, the use of this technology can help to offer a secure layer of protection that can deter hackers from even attempting to try.