Protecting VIP Patient Privacy
Memorial Hermann has extensive audit capabilities of all of its electronic systems, which help keep it in compliance with the Health Insurance Portability and Accountability Act (HIPAA) of 1996.
Congresswomen Gabrielle Giffords' privacy was not breached due to Memorial Hermann's records management policies and technology.
Note: This is part 2 of “Guarding Gabrielle,” Campus Safety magazine’s three-part exclusive coverage of how Memorial Hermann Healthcare System and the University of Arizona Medical Center effectively managed the care, security, privacy and press coverage of Arizona Congresswoman Gabrielle Giffords while she was being treated at their facilities.
With such a high-profile patient as Arizona Congresswoman Gabrielle Giffords being admitted for treatment, it could have been extremely tempting for some employees to try to circumvent Memorial Hermann’s logical access control technology. Fortunately for Giffords, as well as other Memorial Hermann patients, the healthcare organization has extensive audit capabilities of all of its electronic systems, which help keep it in compliance with the Health Insurance Portability and Accountability Act (HIPAA) of 1996.
Because of this precaution, as well as the hospital’s policies and employee education efforts, Giffords’ medical records were not breached while she was treated at Memorial Hermann.
“Our employees know that if you touch an electronic record, you will leave a finger print, and we will know you were in there,” says Memorial Hermann Privacy Officer Carol Paret. “If you get into an electronic record, you better be in there for a legitimate business purpose. [Employees] know we conduct random audits, and they certainly know we conduct audits on VIP patients.”
These are some of the technologies, policies and procedures the organization has adopted to protect Giffords’ privacy:
- She was registered under an alias (there were some attempts to find her record under her real name)
- All employees were notified that Giffords’ records were being monitored constantly. “Everybody who accessed her alias records or attempted to access her under her name, we knew about and were watching every day,” says Paret. “With those steps, you can catch things very early.”
- All employees receive annual training on HIPAA. If they don’t take the course within the appropriate time frame, they lose access to the systems, which means they can’t do their jobs.
- Memorial Hermann only uses role-based security, meaning it only allows individuals access who need access to the system or a portion of the system to do their jobs
- Guarding Gabrielle Part 1
- Guarding Congresswoman Gabrielle Giffords: Photo Gallery
- Managing the Unimaginable
Add Another Layer of Protection to your Campus
If you’re responsible for protecting a campus — whether at a hospital, K-12 school, college or university — then Campus Safety magazine is a must-read, and it’s free! As the only publication devoted to those public safety, security and emergency management personnel, issues cover all aspects of safety measures, including access control, video surveillance, mass notification, and security staff practices.
Take advantage of a free subscription to Campus Safety today, and add its practical insights, product updates and know-how to your toolkit. Subscribe today!
Campus Safety Heroes
Campus Safety honors those who keep their hospital, school or university campus safer.See our latest Heroes, nominees and content.
Recommended For You
Do you have a Threat Assessment Checklist? If not, you’ll want to download this FREE Active Shooter Checklist now!
Improving emergency preparedness on your campus is an evolving process involving both personnel and equipment. Learn from other school and college officials preparedness and who reveal what they look for in an emergency alert system.