What do I need to know to protect the confidentiality, integrity, and availability of Personal Health Information in my EHR system?
Privacy is an individual’s right to keep certain Personal Health Information free from unauthorized access. Security is the means to control access and protect this information from accidental or intentional disclosure. Your practice is responsible for protecting the confidentiality, integrity, and availability of personal health information in your EHR system.
Everyone has a role to play in the privacy and security of electronic health information — it is truly a shared responsibility. Healthcare providers are required to comply with the law that protects a person’s right to privacy.
Adherence to privacy and security standards creates trust with your patients so that they are certain that the confidentiality and accuracy of their electronic health information is secure. This creates an environment where patients are more willing to share their health information so that you have a more complete picture of patients’ overall health and together, you and your patients can make more-informed decisions.
In addition, when breaches of health information occur, they can have serious consequences for your organization, including reputational and financial harm or harm to your patients. Poor privacy and security practices heighten the vulnerability of patient information in your health information system, increasing the risk of a successful cyber-attack.
Your practice is responsible for protecting the confidentiality, integrity, and availability of personal health information in your EHR.