Is your tinder date snooping on your electronic medical records?
Determined not to spend Valentine’s Day alone with your Netflix account, you’ve scheduled a date with a cute match from a dating app. Naturally before you meet up, you put their name into Google to see what comes up. Their social profiles may be viewed before you meet, but if you only have their first name, what else could you know? What about their full legal name and medical history? If you work at a healthcare organization and have access to private patient data, it could be pretty tempting to type in their first name and last initial and see if you can find some details. Before you ask, “Who would do that?” We have to say yes, it happens. More often than you would think.
How EHR snooping happens
For nurses, doctors, medical personnel, and others working in a healthcare organization, EHR systems are often open so they can quickly access information for patient treatment. This is crucial when it comes to patient care, but unfortunately means those systems are open to curious individuals looking to snoop. So let’s say an employee has a date coming up, and they know this date’s first name and last initial. It’s easy enough to enter that and scroll through every “Alex B.” in the database until they find their date and their private patient data. They may also utilize the EHR directly to collect additional information of interest such as marital status, vaccination status or medical history. But, this unauthorized access can cause major issues.
Why EHR snooping is a problem
Viewing patient data, or sharing it, without a medical reason or consent is a direct violation of HIPAA regulations. Just using the EHR system to access any of this information is, within itself, a violation. Not only that, but if you don’t know someone’s last name, so you’re typing in “Alex B.” and scrolling through the files of every “Alex B.” in the system, that could be dozens of small violations. Many organizations do have patient privacy monitoring systems in place, so there is a risk of getting caught, which can result in distrust, reputation damage, and fines for the healthcare organization.
How Imprivata can solve this problem
Imprivata FairWarning is the perfect solution to this Tinder snooping problem: using artificial intelligence, it automatically detects and flags instances of impermissible activity that is harder to predict but needs to be investigated. Using rules and AI, it applies machine learning to the output from both detection approaches to tailor future output to your organization’s specific priorities and risk tolerance level. Snooping through health records – whether they belong to a coworker, roommate, neighbor, or even a Tinder date – is always a HIPAA violation. But with Imprivata FairWarning, your organization will be equipped with the tools necessary to ensure compliance and keep your data safe from any prying eyes.