How to Respond When Patient Data Has Been Compromised

Published in Member Communities on July 24, 2019

date image

Every business should have a plan in place for how they will respond to a crisis. This is even more true for healthcare industries where a crisis doesn’t just mean maintaining your own reputation, but the livelihood of your patients. You need to have a plan in place should a cyber security breach occur. Discuss these tips at your next board meeting and put a plan in place for how you will go about handling a situation like this.

Act Fast

A security breach is incredibly serious. Acting slow will only cost you more financially in the end. Delayed responses open up the opportunity for more patient data being stolen and compromised. Too often, companies try to deny that they have a security issue, or justify it by saying it’s minimal. The first step is to work with a trusted security company to determine if the incident caused patient data to leave your network and how many patient records were compromised. The results of this forensic work will determine if the incident was a breach.

It’s important to note that the laws and regulations differ per state. For example, in Iowa if you have more than 500 patient records that have been stolen it is considered a breach. Acting quickly can keep it from spiraling out of control and minimize the financial impact.

Be Honest

The public can sniff out a lie and any kind of fabrication fairly easily. Be honest about the breach and you will be able to restore the public’s trust. Let them know that you are in control of the situation and will do everything in your power to make it right. You can make it right by preventing it from happening again.

Get more details about breach notification guidelines on the U.S. Department of Health & Human Services’ website.

Prevention

You should be upfront about how the breach occurred. When you are honest with this, you will be able to talk about how you will prevent the same situation from repeating itself. If the cause was employee mishandling of information, develop a plan for how you will educate employees in the future of safety protocols and how you are adopting tech systems to assist in preventing user error.

You never know how a security breach will happen to you, but you should be prepared to handle a variety of circumstances. Your business can take steps now to prevent yourself from needing to have a crisis plan. Talk to us about developing an incident response plan.


comments powered by Disqus

From Our Experts

A Breakdown of the SBA Paycheck Protection Program thumbnail A Breakdown of the SBA Paycheck Protection Program The Paycheck Protection Program (PPP) is the third phase of the government's $2.2 trillion government's relief package, the Coronavirus Aid, Relief, and Economic Security (CARES) Act. It was created to help small businesses cope with the COVID-19 outbreak. Complex Rehab Highlights on CMS Waivers and Rules thumbnail Complex Rehab Highlights on CMS Waivers and Rules CMS released new waivers and rules to increase the flexibility for healthcare providers during the COVID-19 pandemic. Here is a quick overview for CRT. CMS Announces New Waivers and Rules to Help Healthcare Providers thumbnail CMS Announces New Waivers and Rules to Help Healthcare Providers Yesterday, the Trump Admiration released an array of temporary regulatory waiver and new rules to help equip the healthcare community with flexibility during the COVID-19 pandemic. Our VGM Government team will continue to process the information and what it means for our members. Helping You Navigate COVID-19 thumbnail Helping You Navigate COVID-19 As we continue to try to decipher the vast amounts of information we get on a daily basis about the coronavirus and its impact on our healthcare system, economy, education, families, and all other facets of our lives, one fact is ultimately true—we are all in this together! Please continue to reach out to us with questions, feedback, and success stories. U.S. Rehab Continues Helping Members During COVID-19 thumbnail U.S. Rehab Continues Helping Members During COVID-19 Our team here at U.S. Rehab is working hard every day to meet the needs of our membership. We are fielding calls, emails, and reaching out to our valued members and manufacturer partners to see how we can help. If there's a problem that you're experiencing, we want to hear from you, whether it's access to the VA or a rehab facility, concerns about getting paid for your services, telehealth concerns, etc., please reach out and let us know at [email protected] Clarification on What is a “Healthcare Provider” in the FFCRA thumbnail Clarification on What is a “Healthcare Provider” in the FFCRA In phase 2 of the government's COVID-19 relief package, passed nearly 2 weeks ago and known as the Families First Coronavirus Response Act (FFCRA), there was language exempting certain business types from being required to offer expanded medical leave and sick leave to their employees. VGM clarifies these exemptions in the following article. House Passes Coronavirus Stimulus Plan - HME Legislation Included! Heading To The President's Desk thumbnail House Passes Coronavirus Stimulus Plan - HME Legislation Included! Heading To The President's Desk On March 27, the Coronavirus Stimulus Package, H.R. 748, passed the House. The bill will now head to President Trump's desk for his signature. Much needed reimbursement relief will be coming to home medical equipment suppliers! The bill includes language from H.R. 2771, which provides relief for areas deemed rural and non-rural by CMS. U.S. Small Business Administration Offers Low-Interest Rate Loans thumbnail U.S. Small Business Administration Offers Low-Interest Rate Loans The U.S. Small Business Administration (SBA) is offering designated states and territories low-interest federal disaster loans for working capital to small businesses suffering substantial economic injury as a result of the coronavirus (COVID-19).