Informing patients about identity theft risk is not a strict legal requirement but not informing them could lead to serious consequences, not only for the individual involved but also for the hospital or clinical practitioner who decided not to inform the patients of identity theft risk. In this article we will look at a number of ideas to help you establish how, when and whether you should inform your patients about the possible risk of identity theft.
The first principle which you should always try to stick to is one of data security. Hopefully with proper security systems in place the need to inform patients about breaches in this security will be minimal. Data security involves systems such as secure passwords on all your computers, data encryption, anti-spyware software and any other security measures which your IT specialists may suggest. If these security measures are strictly adhered to and staff are trained in these and the importance of data privacy then informing patients about identity theft risk should only happen on the very rare occasion.
Some people feel that by informing patients too often of the risk of identity theft that they will become de-sensitized to the risk, however, if you have correct security systems in place you will hopefully not need to do it too often, and it is important that if there is a real risk of identity theft that the patients are informed of this risk in order to take precautionary measures.
If the risk is high in a certain case of breach of security then it important that patients are informed of the risk of identity theft in a timely manner and they should also be informed of what the hospital is doing in order to catch the suspect and prevent further harm from being done.
It would also be a good idea in these circumstances to provide guidance for patients concerned as to what measures they should be taking in order to protect themselves – such as contacting the credit bureaus, creditors and other parties.
Informing patients about identity theft risk is not a strict legal requirement; however, if hospitals are found negligent in this then the consequences could be severe and amount to millions of dollars in fines. The consequences for the patients involved could also be severe, not only in terms of financial risk but also in terms of personal health information that could land in the wrong hands. All data security measures should be in place long before this need ever arises but if there is a serious risk of identity theft occurring then patients should be informed in a timely manner and given guidance as to how they ought to proceed with protecting themselves and what the hospital is doing in this regard.
Take the time to protect your identity so that you too won’t have to suffer through the loss. If you pay bills on line make sure you only use secure sites to do so. With so many great firewalls and computer programs such as Norton’s anti-virus it is tough to break down such security systems in place.