A health care provider that is too intent on protecting personally identifiable patient information could take patient privacy beyond the level that is optimal for patient care. At the Children’s Hospital (Denver, Colorado), however, Chris Goodale, radiology data systems administrator, prevented this problem by limiting access to radiology information, making it available only on a need-to-know basis (and in compliance with all privacy regulations).
Goodale reports that the steps that the Children’s Hospital takes to protect patient information from unauthorized access ensure, at the same time, that individual physicians and caregivers have access to the information that they need to care for their patients.
Creating safe methods for the exchange of patient information is a considerable responsibility; as Goodale explains, under HIPAA, liability has been extended to individual health-care personnel, leaving radiologic technologists and radiologists vulnerable to fines or personal lawsuits.
“The burden is on every user, every provider, and every record librarian.”
—Chris Goodale, Children’s Hospital, Denver, Colorado
The portability of digital patient records has greatly benefited patient care, but this ease of transport can create new vulnerabilities at facilities that have not created control mechanisms for email, thumb drives, or CDs. In those places, Goodale says, “From a medicolegal standpoint, a breach would be very expensive.” Fortunately, the data-security methods used at the Children’s Hospital ensure that it is not among the organizations at high risk.
To protect its patients’ privacy while permitting access to records when there is a clinical need, the Children’s Hospital has imposed a strict need-to-see protocol on all patients’ clinical information, Goodale says, and this includes the information created by (and used in) the radiology department. Technologists, record librarians, and nurses are allowed to see only the patient information that they must see to do their jobs. Radiologists have access to complete interpretations, for instance, while others in the department do not.
“All of our users have security that is role based,” Goodale says. “They have access to do their jobs—and not more.” The institution’s Synapse® PACS from FUJIFILM Medical Systems USA, Inc (Stamford, Connecticut), offers system administrators this capability. “Regardless of your role in radiology, you should only go into the patient record if it is part of your job to do so,” Goodale says.
Referring physicians can’t access the electronic health record (EHR) or the PACS unless they have been cleared and given access codes. Code restrictions prevent referrers from seeing information on any patients other than their own. For some patients (including those with behavioral health problems), an extra layer of security—requiring additional passwords—is put in place, Goodale says. Parents can, on request, see the audit trail for access to their children’s clinical information and other data.
EHR access (including access by hospital departments) is automatically tracked. Once each quarter, an IT security risk-management team does an audit to verify that there have been no unusual use patterns or security breaches.
“If I pull up a patient’s record, the system audits that I did that. If I go further, it tracks just where I went in that record. If I go to the radiology tab, it will track that as well,” Goodale says. Radiology file room staff document in the EHR any release of radiology information (including to whom it was released), he adds. Parental release forms are scanned into the system as well.
All departments interface with the hospital’s risk-management and corporate-compliance departments. Goodale says, “They are always available to us if we need direction. If a parent comes in and wants to know who has touched his or her child’s record, we call IT security personnel; they have a process to get that information and report it back to the parent or guardian.”
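The controls described above (role-based access, referrers limited to their own patients, an additional password for specially protected records, and section-level auditing that can be reported to a parent) can be modeled in a few lines. This is an added example, not code from the hospital, its EHR, or the Synapse PACS; the role names, section names, and function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Assumed role-to-section map. The article states only that radiologists see
# complete interpretations while others in the department do not.
ROLE_SECTIONS = {
    "radiologist": {"demographics", "images", "interpretation"},
    "technologist": {"demographics", "images"},
    "referrer": {"demographics", "images", "interpretation"},
}

@dataclass
class Patient:
    patient_id: str
    referrers: set = field(default_factory=set)  # referring physicians cleared for this patient
    extra_protection: bool = False               # e.g. behavioral health records

@dataclass
class User:
    user_id: str
    role: str

AUDIT_LOG = []  # stand-in for an append-only audit store

def access(user, patient, section, extra_password_ok=False):
    """Decide one section-level access and audit it, whether allowed or denied."""
    if section not in ROLE_SECTIONS.get(user.role, set()):
        reason = "role lacks section"
    elif user.role == "referrer" and user.user_id not in patient.referrers:
        reason = "not this referrer's patient"
    elif patient.extra_protection and not extra_password_ok:
        reason = "additional password required"
    else:
        reason = None
    AUDIT_LOG.append({
        "when": datetime.now(timezone.utc).isoformat(),
        "user": user.user_id, "role": user.role,
        "patient": patient.patient_id, "section": section,
        "allowed": reason is None, "reason": reason or "ok",
    })
    return reason is None

def audit_trail(patient_id):
    """Entries that can be reported to a parent or guardian on request."""
    return [e for e in AUDIT_LOG if e["patient"] == patient_id]
```

Denied attempts are logged alongside granted ones, so a periodic review for unusual use patterns sees probing as well as successful reads.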
Workers are taught to turn paperwork upside down in the presence of unauthorized people, and even to interrupt phone conversations that can be overheard, Goodale says. Radiologic technologists and other staff members are continually reminded to monitor EHR (and other) sign-in activity. Because the signed-in employee is responsible for any activity, the hospital requires technologists to sign out whenever they are