Security Breach



The other day one of our doctors forgot his cell phone at the restaurant where he was having lunch. He rushed back to retrieve it, but unfortunately it was gone. In the meantime, an employee at our practice had text messaged his phone some confidential information about a patient.



Needless-to-say, our doctor was mortified over the situation. We all know the serious consequences of breaching doctor-patient confidentiality, and while this was an unforeseen incident, it still felt like a serious betrayal.



Naturally, I went into research mode, and now I'd like to offer some handy tips to help prevent this from happening to anyone else in our profession:

• Use your cell phone autolocking feature. Practically every cell phone has a function that allows it to work only after a PIN has been entered to unlock it.


• Report a missing cell phone immediately. Call your carrier the minute you think it's gone, and have it disabled. You can always have it reactivated if you should find it, and while you may lose some information in the process, that's better than having it out there for all to see.


• Avoid having specific patient information text messaged. This was a particularly important lesson our doctor learned the hard way. From now on, no one in our office is allowed to text message unique patient information such as the date of birth or a social security number.


• Use password protection on all spreadsheets and word documents that have confidential data. This is an obvious step on any office software, but many of us never imagine the consequences of potential hackers out there.

Another step I took recently was to ban the use of Instant Messaging in the office. It was rarely used for work purposes, and seemed like a way for many employees to chat and waste time. Also, I worried about the security issues of having a direct portal from the outside world into our computer system.

I know a few employees were shocked about the IM, as I am known for being something of an old softie. Still, my reputation is such that when I make a business decision, people know that I mean business.

Of course, I'd love to hear suggestions or input from you regarding this issue of making technology more secure in the workplace. Please don't hesitate to leave a comment. I enjoy hearing from you!