image description
Mar 23rd, 2018 Download

Protenus CEO, Former HHS Chief Privacy Officer to Host Panel on Ethical Concerns Around Manual Patient Data Breach Detection

Protenus CEO and Co-founder to speak on the limitations of manual patient privacy auditing processes in healthcare at HIPAA Summit in Arlington, VA

Baltimore, Md -- Data sharing, interoperability, and health exchanges have provided unfettered access to patient data by hospital employees and anyone else who has access to a health system’s electronic health record (EHR) system. Nick Culbertson, CEO and Co-Founder of Protenus, a healthcare compliance analytics platform detecting inappropriate activity within EHRs, will host a panel with Matt Olsen, the former HHS Chief Privacy and Data Sharing Officer, about ethical concerns that arise when health organizations only have the ability to audit a portion of accesses to patient data.

Culbertson and Olsen’s joint presentation on “How Privacy Monitoring Technologies Change The Ethical Standard,” will discuss emerging technologies, that replace reactive, manual processes, to allow health systems to audit every access to health data, accurately detect breaches, easily report to OCR, and implement policy changes to address concerns and reduce privacy violations.

“Compliance officers have been doing their best to utilize existing tools to detect privacy violations, but due to limited resources they are only seeing the tip of the iceberg,” stated Culbertson. “On a daily basis, as many as 10 million actions can take place inside a healthcare organization’s electronic health record system. It’s not possible to review those accesses manually, but technology exists today that uses artificial intelligence to alert hospital leaders when there is a potential breach. It reduces the time spent on manual investigations, false positives, and lets hospital leaders focus on priorities and reducing risk.”

Compliance teams currently use tools that reactively respond to suspected patient privacy violations, run routine reports, or utilize manual audits. These tools lack the clinical context and user behavior analytics necessary to audit every access or proactively identify breaches to patient privacy, especially when at least 41% of all health data breaches are attributable to healthcare organization insiders.

“Health systems just don’t have the time or human capital to manually audit every access within the EHR,” stated Olsen. “Yet, advances in technology, especially with machine learning and AI provide the ability to analyze large amounts of unstructured data and provide insight into how patient data is being accessed and utilized. Besides the practical benefits, it creates a potential change in the ethical balance. Specifically, it raises the question of how a change in that balance could impact a decision on implementing technology that could audit every single access.” The HIPAA Summit brings together the nation’s top health leaders to discuss challenges with electronic health record adoption, patient data security, and practical information to improve HIPAA compliance and associated legal and policy issues. To register or learn more about the presentation, please visit the HIPAA Summit website.

Presentation details Wednesday, April 28, 2018 5:15 p.m. Hyatt Regency Crystal City, Arlington VA