For many hospital systems, handling a stratified-risk privacy operation is a time-consuming process. Depending on what type of privacy posture the organization is using, this can lead to an even greater influx of notifications, especially for less nefarious cases such as family member snooping or self-lookups. Due to a lack of resources, Privacy Officers either spend extensive amounts of time following up on the large volume of lower-risk violations or ignore them in favor of pursuing higher-risk cases. Both of these scenarios result in increased liability and inefficiency, and only target a small portion of the system-wide privacy violations that are occurring at any one time. Email automation can help Privacy Officers re-educate the hospital workforce, reduce their workload and increase their efficiency.

Medical records are the most comprehensive aggregation of a person’s medical history, archiving sensitive diagnoses, medications, blood types, and financial information. While there are millions of accesses to patient data every single day, healthcare organizations simply do not have the necessary resources to manually audit every access within their EHR.

The first half of 2018 proved that clinical drug diversion continues to threaten the ability of healthcare organizations to provide high-quality patient care and to ensure safe medication administration. Earlier this year, Protenus’ independent research team published a report of our 2017 findings on this topic, which included a detailed explanation of the report’s full methodology and scope. The first six months of 2018 offered a means to compare and contrast the current landscape to what the 2017 data revealed. In this report, we’ll examine possible explanations behind the continuities and evolutions we observed.

Artificial Intelligence (AI) is somewhat of a misnomer. It is indeed artificial, but it is not intelligent--at least not in the way a person is. The entire field of artificial intelligence grew out of research in the late 1940s and early 1950s that attempted to teach computers to play a game of chess. In 1997, this technology matured and advanced to the point where IBM’s Deep Blue supercomputer was able to beat chess Grandmaster Garry Kasparov. At a high level, computer chess engines rely on an intricate search engine coupled with a huge database of possible moves and games. Kasparov realized that this huge resource could be even more valuable when further coupled with human intelligence. This combination of human and artificial intelligence working together form a cyborg, or centaur, which represents the melding of true human intelligence with the power of advanced computational systems. These advances in technology have inspired the central role that AI plays in healthcare innovation. Specifically, in healthcare privacy, it serves as an extension of the team, better leveraging human expertise, and increasing their efficiency.  

A health data breach is always stressful, no matter the size of the breach or organization. Upon discovering that a breach has occurred, the healthcare organization must painstakingly assess the scope of the breach and its impact on the organization and affected patients. In addition to this assessment, if the breach affects more than 500 individuals, it must be reported to the Office of Civil Rights (OCR) within 60 days of discovery, usually prompting them to investigate further. The well-known costs associated with a data breach include notification, credit monitoring services, lost revenue, and reputational damage. However, In addition to these, there are also associated costs when it comes to responding to any request or investigation from OCR, including: