Blog | Protenus

Protecting VIP Patient Privacy

Celebrities, public figures, and their family members are especially vulnerable to inappropriate accesses to their medical records, given the public’s interest in their lives and well-being.  After experiencing a health crisis or death, VIPs are often thrust into the spotlight where intense media scrutiny occurs.  It is their health or insurance provider’s responsibility to ensure these patients’ private medical information is protected.  It is often reported that members of the media will try to pay hospital employees to sneak into a VIP’s electronic medical records to obtain private information, giving reporters the inside scoop—a serious breach of the patient’s rights under the HIPAA Privacy Rule.

Watch Tiny Talks: The Privacy Series, short videos featuring  leading privacy experts tackling everyday problems you're all facing.

VIP patients face heightened risk

When it comes to celebrities or local public figures, even small-scale breaches (of just a single record) can cause tremendous harm.  Historically, health systems have been fined hundreds of thousands of dollars for improper access to VIP records.

It’s human nature for all of us, including hospital employees, to be curious about all things celebrity-related.  But VIPs have the same rights to patient privacy as the rest of us.  Traditional compliance and privacy monitoring solutions manually stitch together information from disparate sources, decipher each alert individually, and then export the associated raw log data for manual analysis.  Even with traditional patient privacy monitoring products in place, these simple rules engines detect very little, and what they do detect is often a false alarm.  What’s needed is the power of clinical context-driven machine learning.

Accounting for healthcare's complexities

Why do you need an advanced healthcare compliance analytics platform just to protect VIP patients’ data?  Why not leverage existing rules-based systems to label VIPs as they enter the hospital or change the names of celebrities while they’re at your institution?  Why not just set up a rule with a report-writing team to take care of this?

Here are the problems with rules-based analysis in a VIP situation that artificial intelligence-driven healthcare compliance analytics easily solve:

  • It works for simple scenarios where every possibility is clearly understood and determining between inappropriate and appropriate accesses is black and white
  • A rules-based system is costly, prone to failure, and highly inefficient — it delivers many false positives and requires constant maintenance and staff time
  • Unless you tell a rules-based system exactly what to look for, incidents won't be surfaced

An example of a false positive is if you wrote a rule that says “make sure that no one who works for a department outside of pediatrics looks at pediatric patients.," this wrongly flag the appropriate accesses of OB-GYN providers following-up with their postnatal patients and it will also not catch the pediatric surgeon who has no business looking up a friend’s child.

Protenus' AI-powered solution accounts for the complexities of healthcare data privacy as our machine learning  adapts to your hospital, your patients, your users, and your needs, continuously becoming more effective as it:

  • Incorporates a deep understanding of the complex clinical environment. Knows the difference between a cardiologist and a research nurse, a diabetes patient and a critically-ill admission, and a surgical ward and an outpatient clinic. 
  • Continually updates its understanding of your unique organization and every EHR user's individual behavior patterns. This important and always-improving context allows hospitals to find malicious user access patterns that might otherwise remain hidden.
  • Finds perfectly reasonable explanations that might have otherwise cost you hours of investigation.

A critically-important element in the case of VIPs is that rule-based systems either have to be provided with a pre-made list of local celebrities, or hospital leadership has to be updated before the celebrity arrives or just as they arrive, in order to manually enter their VIP status.  With Protenus’ proactive, AI-driven solution (which combines public information with private algorithms), celebrities are identified without intervention or planning.  This protects VIPs even when hospitals don’t know their presence or wouldn’t normally think of the person as a “celebrity,” such as a private citizen who was involved in a news-reported accident or act of violence.

Paparazzi-proof your approach to patient privacy

In any situation where patients are at an elevated risk, from VIPs to children to behavioral health patients who are more vulnerable to identity theft, Protenus can adjust monitoring thresholds to ensure these individuals are protected.  Protenus has helped our customers avert serious incidents relating to VIP access through fast, clear, and contextualized alerts that let compliance officers react and respond immediately. This is accomplished through:

  • Elevated risk detection: From the moment a VIP enters a hospital, Protenus’ proprietary algorithms have already determined that they are at risk for breach and require elevated monitoring levels. 
  • News and event monitoring: Instead of relying on manual lists of local celebrities, the platform taps into real-time media and social feeds to help define who is at risk at any given moment.
  • False positive filtration: Protenus verifies whether an inappropriate access is a true violation by examining subtle network relationships between individuals viewing this patient, the clinical context surrounding the access, and the user’s unique historical workflow.
  • Rapid visual forensics: Interactive visualizations and natural language reporting help compliance officers quickly review of all accesses to a VIP’s medical record.


Better protect your organization, and more importantly, your patients' right to privacy with AI-driven healthcare compliance analytics so you don't miss what matters. 

Watch Tiny Talks: The Privacy Series, short videos featuring leading privacy experts tackling everyday problems you're all facing.

New call-to-action

Subscribe by email