How to Respond When Patient Data Has Been Compromised

Published in Member Communities on July 24, 2019

date image

Every business should have a plan in place for how they will respond to a crisis. This is even more true for healthcare industries where a crisis doesn’t just mean maintaining your own reputation, but the livelihood of your patients. You need to have a plan in place should a cyber security breach occur. Discuss these tips at your next board meeting and put a plan in place for how you will go about handling a situation like this.

Act Fast

A security breach is incredibly serious. Acting slow will only cost you more financially in the end. Delayed responses open up the opportunity for more patient data being stolen and compromised. Too often, companies try to deny that they have a security issue, or justify it by saying it’s minimal. The first step is to work with a trusted security company to determine if the incident caused patient data to leave your network and how many patient records were compromised. The results of this forensic work will determine if the incident was a breach.

It’s important to note that the laws and regulations differ per state. For example, in Iowa if you have more than 500 patient records that have been stolen it is considered a breach. Acting quickly can keep it from spiraling out of control and minimize the financial impact.

Be Honest

The public can sniff out a lie and any kind of fabrication fairly easily. Be honest about the breach and you will be able to restore the public’s trust. Let them know that you are in control of the situation and will do everything in your power to make it right. You can make it right by preventing it from happening again.

Get more details about breach notification guidelines on the U.S. Department of Health & Human Services’ website.

Prevention

You should be upfront about how the breach occurred. When you are honest with this, you will be able to talk about how you will prevent the same situation from repeating itself. If the cause was employee mishandling of information, develop a plan for how you will educate employees in the future of safety protocols and how you are adopting tech systems to assist in preventing user error.

You never know how a security breach will happen to you, but you should be prepared to handle a variety of circumstances. Your business can take steps now to prevent yourself from needing to have a crisis plan. Talk to us about developing an incident response plan.


comments powered by Disqus

From Our Experts

VGM and HME News Team Up for the HME Financial Benchmarking Survey thumbnail VGM and HME News Team Up for the HME Financial Benchmarking Survey HME News and VGM & Associates have teamed up again for this year's benchmarking survey. What does this mean for you? First, you won't be asked to complete a benchmarking survey from both organizations. Second, participants will get the survey results for free, but with the increased responses from our joint efforts, you'll get a more accurate picture of the HME industry. It's a win-win! DMEPOS Warriors: Sue Currence, BSN, RN, WOCN for Austin Pharmacy & Medical Supplies thumbnail DMEPOS Warriors: Sue Currence, BSN, RN, WOCN for Austin Pharmacy & Medical Supplies Meet Sue Currence, BSN, RN, WOCN for Austin Pharmacy & Medical Supplies, a VGM member since 2016! As a wound, ostomy, and continence nurse (WOCN), Sue has a vast knowledge of the wound care industry. We asked Sue about her experience with wound care and its importance as a specialty in the home medical equipment industry. DMEPOS Forecast: More Healthcare at Home thumbnail DMEPOS Forecast: More Healthcare at Home This episode gives listeners a glimpse of behind the scenes at VGM Fulfillment with President, Jeremy Stolz, and a look ahead for DMEPOS providers with VGM Group CEO, Mike Mallaro. Deadline to Apply for HHS Relief Payments (Round 2) June 3rd thumbnail Deadline to Apply for HHS Relief Payments (Round 2) June 3rd Those of you who received a payment from HHS between April 10 and April 24th (the payments that were automatically sent to you, that you didn't ask for or apply for) are able to apply for a second round of HHS Relief Payments. In fact, ONLY companies that received Round 1 HHS relief payments can apply for Round 2. I've included a few links below that are pertinent to the Round 2 application process. Order a Custom Video From VGM thumbnail Order a Custom Video From VGM As a VGM member, you make a huge impact on the lives of people in your community. Now, you can promote your services in a professionally made video. For just $90, you'll be able to post, share, and send your very own Bring It Home video. Hellman, a division of VGM Group, will add your logo to the end of the video, branding it as yours to use in any or all of your marketing. Order a Custom Video From VGM thumbnail Order a Custom Video From VGM As a U.S. Rehab member, you make a huge impact on the lives of people in your community. Now, you can promote your services in a professionally made video. For just $90, you'll be able to post, share, and send your very own Bring It Home video. Hellman, a division of VGM Group, will add your logo to the end of the video, branding it as yours to use in any or all of your marketing. Start With Yes: A Chat with Bellevue Healthcare's President, Joel Gallion thumbnail Start With Yes: A Chat with Bellevue Healthcare's President, Joel Gallion U.S. Rehab President, Greg Packer, asks Joel Gallion, President at Bellevue Healthcare in the state of Washington, what it's been like on the front lines of the COVID-19 pandemic. U.S. Rehab Recap and Plan for 2020 and Beyond thumbnail U.S. Rehab Recap and Plan for 2020 and Beyond In these very trying times during the COVID-19 pandemic, U.S. Rehab is working diligently to keep our members updated on the changes that are happening in D.C. with CMS and how this is affecting our membership community. We have worked diligently alongside many industry leaders, including NCART, NRRTs, the ITEM Coalition, and many manufacturers and providers to ensure the success of our industry.