Don’t Hide a Security Breach if You Can’t Do the Time

When Will Costs Outweigh Health Information Technology?

[By Darrell K. Pruitt; DDS]

At what point will security data breaches become so costly that dentists will abandon computerization and return to pegboards and ledger cards?

Senate Judiciary Committee

A week ago, the Senate Judiciary Committee approved two separate bills which would mandate that dentists who store digital PHI notify patients if their data is breached. Of course, that would be the ethical thing to do anyway, wouldn’t it?

Senate Bill 139, also known as the Data Breach Notification Act, was introduced by Dianne Feinstein of California and is similar to existing state notification bills – including California’s own landmark Bill 1386 which set the standard 7 years ago.

Two Hundred Ten Dollars Cost – Per Record – for Notification

Considering that in October, the Ponemon Institute reported that it costs an estimated $210 per record to notify patients of a breach, there are a lot of angry lawmakers who are missing the point. Mandated fines for a breach are meaningless. Simply notifying thousands of patients of a breach will bankrupt any dental practice, even if it is an insurance company employee who loses a laptop computer containing a dentist’s patients’ personal data – like a BCBS employee did recently with over 800,000 physicians’ personal information.

Personal Data Privacy and Security Act 

Even now, a dentist whose practice is a victim of a breach, whether it is from a stolen computer, a hacker or a dishonest employee, might take a quick look at the notification path to certain bankruptcy and gamble that patients’ data won’t be used before hiding the incident. That is why Senator Patrick Leahy of Vermont has sponsored the other breach bill which reflects the prevailing attitude of frustrated constituents throughout the nation. It is known as the Personal Data Privacy and Security Act.

Leahy is more concerned with punishment than with breaches themselves. In addition to a fine, he would establish a jail term of up to five years for failing to disclose a breach when required.

http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=111_cong_bills&docid=f:s1490is.txt.pdf

§ 1041. Concealment of security breaches involving sensitive personally identifiable information 

“Whoever, having knowledge of a security breach and of the obligation to provide notice of such breach to individuals under title III of the Personal Data Privacy and Security Act of 2009, and having not otherwise qualified for an exemption from providing notice under section 312 of such Act, intentionally and willfully conceals the fact of such security breach and which breach causes economic damage to 1 or more persons, shall be fined under this title or imprisoned not more than 5 years, or both.”

If dentists want to continue to use computers in their practices, Leahy would have them put serious skin into the game. The bill was read twice and referred to the Committee on the Judiciary.

On the ADA Advocacy page, dental leaders still maintain that electronic dental records will lower the cost of dentistry. And as recently as last month, the ADA House of Delegates again publicly endorsed the adoption of eDRs, yet still neglects to adequately warn ADA members of their dangers, now including possible imprisonment.

Assessment

ADA President Dr. Ron Tankersley is already irrelevant.
