Do you hear what I hear!?!
Do you see what I see!?!
With ease of access and the vast mobility that technology now affords us, it’s just AMAZES me that anyone has ANY privacy!
For those of us who deal with private and confidential information, it should alarm us that a phone with a mini computer, camera, and recording devices can now be worn on a wrist. What’s to stop someone for intentionally or unintentionally capturing Personally Identifiable Information or Protected Health Information? What’s to keep a person on the other end of that mini phone from hearing and gathering information that they shouldn’t?
It also amazes me that people, who I think should know better, will sit next to me on an airplane and write a complete brief on their tablet that I could easily have read over their shoulder. How would that person know that I don’t have a vested interest in the document and could have easily obtained confidential information?
While the current and upcoming laws carry stiff civil and criminal penalties, do they go far enough?
The laws and court ruling definitely have our attention as intended, but where do we go from here?
Bottom line, to protecting the information and data that is entrusted to us, is us. What can we do to protect it?
Number one is education.
- Make sure that your entire team is well trained on the laws that govern your business
- Make sure that your entire team understands their personal responsibility and, yes, tell them the risks that they take on working in an environment that requires us to ethically and legally keep data confidential
- Make sure that your entire team understands their duty to protect the caller, the Client, themselves, and the company
- Make sure they know, practice, and follow all applicable verification procedures to ensure that they know with whom they are releasing or gathering information
- Conduct regular refreshers and annual training to keep information fresh and at the forefront of staff’s mind
Number two is documentation.
- Make sure all policies and procedures are documented
- Revise when needed
- Review annually to ensure all policies and procedures are up to date
Number three is audit
- Perform your due diligence and have impartial parties conduct audits to ensure adherence to
- Verification processes
- Adherence to policies designed to protect information and data
Do you hear what I hear!?! Do you see what I see!?!
I hear and see staff following procedures and protecting the information and data that is entrusted to us.
Post Written By Deborah H. Conklin, Corporate Compliance Officer, Ameridial Inc.