Healthcare organizations are always working to improve the quality of their care and the efficiency of their business operations. Data analytics for these clinical quality improvement efforts require access to data for determining process baseline performance, detecting trends and patterns in quality based on key indicators, and simulating potential outcomes of new processes and workflows.
As an analytics professional working within a large healthcare organization, I am required to access and use the PHI (personal health information) of many individuals. Most often, this occurs when I am extracting and analyzing data required for clinical quality and performance improvement efforts or when I’m assisting with critical incident reviews. Like most healthcare analytics professionals, most of the PHI that I access is done through health IT systems such as electronic health records or via data warehouses.
All users of health information that I know, myself included, consider ourselves to be responsible and respectful stewards of the data we use. As such, we rarely consider ourselves at risk of an accidental or intentional breach. However, both accidental and criminal breaches of security and privacy do occur. As responsible professionals, it is incumbent upon us to regularly review our own security practices to ensure we are not unnecessarily accessing, using or viewing private health information, or unintentionally increasing the risk of a breach of PHI.
A recent article that I wrote on SearchHealthIT.com discusses the need for security and the protection of privacy when analyzing large quantities of patient data. The article discusses how and what patient information must be protected and shares some situations where physicians (and other healthcare professionals) should be able to identify each subject.
Please feel free to click here to read the entire article.