Support our online development, and advance our onground research initiatives in free market economics, as we seek to showcase the brightest Next-Gen minds.
THE ME-P DISCLAIMER: Posts, comments and opinions do not necessarily represent iMBA, Inc., but become our property after submission. Copyright © 2006 to-date. iMBA, Inc allows colleges, universities, medical and financial professionals and related clinics, hospitals and non-profit healthcare organizations to distribute our proprietary essays, photos, videos, audios and other documents; etc. However, please review copyright and usage information for each individual asset before submission to us, and/or placement on your publication or web site. Attestation references, citations and/or back-links are required. All other assets are property of the individual copyright holder.
A Start-Up Idea
[By Darrell K. Pruitt DDS]
An early, shoestring proposal for a non-profit dedicated to common sense security solutions.
Why? if patients’ identities are unavailable, they cannot be hacked.
Recently, I’ve considered starting a non-profit dedicated to keeping patients’ identities off of dentists’ computers where they are far too easily fumbled thousands at a time. I think I might call it “Dentists for De-identification.” What do you think?
My son Ryan and I have discussed putting together an educational YouTube cartoon – comparing the cost, convenience and security of encrypted Protected Health Information (PHI), to storing PHI, including medical information, only on paper in bulky metal filing cabinets – leaving only nameless, unencrypted dental records on the computer. De-identification is the “other” HIPAA Safe Harbor, meaning if patients’ de-identified dental information is stolen or hacked, nobody has to be notified. And, since the patients’ nameless dental records remain unencrypted, de-ID should not slow down work flow like encryption does.
***
***
One could call employing in-house reference numbers to re-connect patients’ digital dental information to paper-based PHI a hybrid solution to an otherwise intractable security problem. The solution is nothing new, and has a long history of success. For decades, police departments have been substituting in-house reference numbers for citizens’ names to protect the owners. I see no reason it cannot work for dental radiographs as well.
Depending on staff’s familiarity with the alphabet, pulling a patient’s thin paper record from a loud filing cabinet might even take less time than correctly typing in an encryption key (on the first try). What’s more, since there is a limit to the number of patients even the fastest dentists can treat in one day, 4000 or so active patients per dentist is a reasonable estimate of the number of records in a busy dental practice – which is probably one third of the records in the average physician’s practice. Since the dental information remains digital and only a couple of sheets of paper are needed to reveal the patients’ reference number along with a brief medical history, very little filing space should be needed.
The problems with encryption don’t end with correctly entering the key. Once permitted access to encrypted ePHI, it will take much more time to de-crypt one radiograph than it takes to open a manila folder. Depending on the number of radiographs and other digital images – including complex cone-beam radiographs – a patients’ encrypted diagnostic history could require several minutes to view.
I would want to witness the De-ID non-profit professionally investigate whether de-identification indeed offers a cheaper and more secure solution to data breaches from dental offices. I think we all know by now that full disk encryption will never be the answer.
***
***
Assessment
Still too soon? Give it time. The FBI assures us that more massive data breaches are just around the corner.
Channel Surfing the ME-P
Have you visited our other topic channels? Established to facilitate idea exchange and link our community together, the value of these topics is dependent upon your input. Please take a minute to visit. And, to prevent that annoying spam, we ask that you register. It is fast, free and secure.
More:
Conclusion
Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.
Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com
OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:
- PRACTICES: www.BusinessofMedicalPractice.com
- HOSPITALS: http://www.crcpress.com/product/isbn/9781466558731
- CLINICS: http://www.crcpress.com/product/isbn/9781439879900
- ADVISORS: www.CertifiedMedicalPlanner.org
- FINANCE: Financial Planning for Physicians and Advisors
- INSURANCE: Risk Management and Insurance Strategies for Physicians and Advisors
- Dictionary of Health Economics and Finance
- Dictionary of Health Information Technology and Security
- Dictionary of Health Insurance and Managed Care
Share this:
Filed under: Information Technology, Practice Management, Pruitt's Platform | Tagged: Darrell Pruitt DDS, de-ID, dental eHRs, Dentists for De-Identification, ePHI, HIPAA, PHI | 3 Comments »
The Leading Business Education Network for Doctors, Financial Advisors and Health Industry Consultants 