2009 may set new records for security breaches in HealthCare generally and EHR (Electronic Health Record) breaches specifically.

Industry pundits associate the impact of these breaches with the cost of notification to impacted patients and service providers, both of which are important. As recent settlements with CVS and Kaiser Permanente illustrate, civil penalties in privacy disclosure cases are also growing. Another unfortunate and far-larger cost is the ammunition these breaches provide to those individuals and organizations who are trying to constrain and decelerate the deployment of efficient EHR and clinical systems.

ARRA-HiTech (see Bob Coffield’s helpful explanation here: http://healthcarebloglaw.blogspot.com/2009/10/arra-hitech-health-care-information.html) has spawned another round of detailed processes for protecting patient data – adding clarity to the previously murky FTC approach on this subject. A growing number of hospitals and clinics have found a technological answer to this problem from a software company called FairWarning.

The team at FairWarning has developed a privacy surveillance appliance which effectively monitors access to EHR systems and other patient data sources. Sales of FairWarning's appliance have exploded over the past 12 months – they now have over 250 hospitals and 900 clinics in the US, Canada and the UK as clients. Use of FairWarning helps ensure compliance with the HiTech act, and reduces cases of unauthorized access from the largest group of bad actors, hospital employees snooping into data on celebrities, relatives, neighbors and co-workers.

Systems Alliance is an authorized FairWarning partner. If you're a healthcare CIO, CSO or compliance officer, please get in touch, we'd be delighted to brief you about this technology and arrange a demo or proof-of-concept on your network.