Posts Tagged PRIVACY

On #DataPrivacy Day

Introduction

On Data Privacy Day, I thought it might be helpful to write a little bit regarding the nature of privacy in the healthcare world. Many people know that there are laws like HIPAA that are in place to protect patients from their personal health information being breached. And while there are stories regularly about breaches, the amount of effort that goes into protecting health information is immense. Maybe by providing some insight into that world you, as a reader or one of our clients, might gain a greater sense of confidence or understand ways in which you can also protect yourself.

It’s more than just privacy

In order to manage the private information of all of our clients across the United States, MINES employs the use of an electronic health record system that stores and protects access to information, even from within our own company. We use layers of access and control as well as tracking our own users within the system. This also means that we have to employ some pretty strict control mechanisms within the system to ensure that security of data is maintained.

But, there are many times when we need to exchange information with other groups on your behalf. An example of this is providing an authorization to the provider that they are pre-approved to receive payment for services. To do so, many providers elect to receive this information via email, in which case the provider is sent a notification email where they are prompted to log into a secure website where that information can be accessed. We have structured our agreements with these providers to protect that information as best we can from the very beginning.

Part of the key to good data privacy policy that MINES employs is to only ask for information that is needed to provision services. For most of our clients, especially on the Employee Assistance side of our services, we ask for the last four digits of your social security number. This is used to help verify identity for later discussions with you. But the reason we don’t ask for your full social security number is because it creates a situation where we are storing information that isn’t critical to our needs to serve you.

Identity and security

As mentioned above, a critical element to protecting your privacy is tied to identity. Without going too deep into how this is handled across the healthcare industry, identifying an individual is usually done at MINES by their date of birth and last four digits of their social security number. From there, all internal work is handled by using a unique identifier, called a Patient ID. This allows us to be able to reference information from the central patient database without using your name, or other personally-identifiable information; decreasing the likelihood of erroneously sharing your data.

A note on confidentiality

Your information is never shared with your employer except in the case of Work Performance Referral in which case you will be asked to complete a letter explicitly allowing us to communicate with your employer regarding your progress. Your information is also confidential from disclosure to other employees at your company or anyone else for that matter without your permission. For example, even your spouse or family member cannot receive information about you from our staff without your permission. The exception to this is when information that we receive poses a threat to others, in which case we may be legally required to act.

Ways you can protect yourself

This isn’t meant to be alarmist, or to suggest that you shouldn’t provide as much information as you can with MINES. We implement a lot of control to make sure that the information that you provide to us is protected. However, below are a few things that you can do to help protect yourself.

Email

If you elect to receive email from us – for example, to communicate about an upcoming session, or request additional information – you should know that email alone is not secure. While most information that would be sent isn’t highly sensitive, it’s certainly something to be aware of. Regarding corporate email, specifically, most information that flows through corporate email servers is logged, stored, and likely accessible to IT professionals on some level at your organization.

Request a copy of the privacy notice

All providers should have this readily accessible to clients. By reading through the privacy notice, you can get a sense for how information about you can be used and what recourse you have in the case of a breach or needing a copy of your record on file with the provider. If you’d like to see our privacy policy, you can find that on our website, here.

Voicemail

As mentioned above, regarding the confidentiality of your information, when you call into MINES to receive access to services, the staff will ask if it is okay to leave voicemail. By providing a voice mailbox that is accessible only to you, we can make sure that your information is not being shared with other parties.

What’s on the horizon for us

In an effort to continue to meet the needs of privacy in an ever-more-connected world, MINES is engaged in a number of initiatives that will further protect and ease information exchange to simplify how we work with you. Soon, you will be able to create an online account with us where your history with MINES can be accessed. You and your provider will be able to use this platform to communicate with each other in a secured environment. You will be able to create your own account with us without calling in, so that if you want to request services but are concerned about someone overhearing the call, you can do so silently. And perhaps most exciting from my perspective, you will be able to create and access your account using a Facebook or Twitter account, allowing you to quickly authenticate your identity without pesky usernames and passwords!

We take security very seriously at MINES. We want you to have peace of mind when sharing information with us. If at any point in time you have questions, concerns, or suggestions regarding how we handle privacy and security, we welcome your insight. You can email or call us during regular business hours at info@minesandassociates.com or 800.873.7138.

To your health,

Ryan Lucas
Chief Information Officer
Security Officer
MINES & Associates

Advertisements

, , , , ,

Leave a comment

Health inSite: Decisions and Privacy

Originally posted on xchangehealth:

There is a shift in healthcare related to our concept of privacy that is sorely needed – and it’s probably a little different than what you’ve heard from a lot of groups/people around the web.

We need to stop thinking about healthcare as a private thing.

As far as information about us, it’s simply no longer acceptable to consider our lives as private.  Not in a time where we actually understand our social network to such a degree that we can accurately and effectively map our connections in the social network (not like Facebook but friends, family, co-workers, neighbors, and the ‘guy at the gym’) and understand how we consciously and unconsciously make decisions about how we behave.  These behavioral changes manifest in health outcomes and as we move to a healthcare system (rather than a sickcare system) what you do is what you are – or more precisely what you are going to become.  Now, I’m not saying you shouldn’t be protected from abuse or discrimination or anything like that, but functionally, your decisions every single day are going to have an impact on more than just you; you owe some accountability to your social network (and they to you) as to what your decisions are doing every day, because Community is the Key to Health.

You may not know it yet, but what you decided to eat for lunch today (if you ate lunch today – and for some of you that might not even be the case) was decided long before you actually ate your lunch.  Here’s a non-exhaustive list of the ways in which this decision was made before you actually ate it:

Schedule: The structure of your day had an impact on what you ate for lunch.  Did you have a co-occurring meeting and therefore ate a “bagged lunch?” Did you have a meal prepared ahead of time – and if not did you have to throw a lunch together this morning before leaving, or did it force you to “forage” for a lunch?

Environment: Consider how the environment surrounding your lunch impacts your lunch decision. Did you run out for lunch because you needed some fresh air or a break from the office?  Do you have a place where you regularly eat lunch and therefore have a system for preparing for that meal each day – conversely, did that get interrupted for this particular lunch by environmental impacts like bad weather or the space itself was occupied in a way that prevented you from following that regular schedule?

Social Impact: For some, eating lunch is a social activity.  Do you have a regularly scheduled lunch partner? Was that true today?

Resources: Money and time as resources have an impact on the structure of lunch.  How do you use these resources in an intentional way related to your lunch habit? Do you spend money at a restaurant / court / vending machine each day or bring your lunch?  Do you have the resources of time and money to prepare ahead or use those resources to forgo preparing ahead?

And let me tell ya’, this isn’t even the beginning of the ways that this could be further expanded.  Think about all of the ways that a single meal is planned and replicate that process for each decision you make today.  Exercise, nutrition, social activities, occupational activities, mindfulness activities, financial decisions, personal intellectual development, etc. etc. etc.

Now think about this: why did you make those decisions?  Consciously or not, you may have made those decisions because of someone else.  Did your partner pack your lunch and therefore help to make the decision of what you’re eating – or was shopping not prepared in a way to pack that lunch in the preferred way?  How much of your diet is based on someone else’s decision?  Maybe your doctor suggested a change in your diet?  Maybe you or a family member has a dietary restriction that changes your diet on a daily basis.  In the case of a family member’s restriction, maybe your lunch is the time when that restriction doesn’t apply to your personal diet?

Lastly consider this: Can you push yourself to make a given decision either by limiting or adding options?  Can you change the options you have available at the point of decision-making with a little bit of foresight?  Try to find one example of a way that you can “pre-decide” by removing the alternative option.  Maybe one of the questions above can be flipped to help you make a “pre-decision” that will help you make a single, healthier decision this week – even if it’s only once.  You might find it’s pretty easy to do and may be a powerful way to change your behavior in a positive way.  And then consider the flip-side of this.  How can you help someone else through a “pre-decision” that helps someone in your social network make a decision that is healthier for them?

Here’s what I’m saying, and to slightly alter a quote from Cloud Atlas:

Our health is not our own. We are bound to others, near and far, and by each decision and every sharing of those decisions, we birth our health.

It’s time for us to stop thinking that we are fully separate members of society that don’t have an impact on others and start being accountable to one another for how the decisions we make impact others – and vice versa.  Yes, even in health.

To our health,

Ryan Lucas
Manager, Engagement & Development
Follow me on twitter: @dz45tr

, , , , , , , ,

2 Comments