As COVID-19 cases increase, so do privacy concerns about EHR snooping

Cybersecurity firm CynergisTek is using AI to help hospitals detect unauthorized access to electronic health records and prevent breaches caused by coronavirus curiosity.
By Mike Miliard
03:21 PM

With hospitals and health systems girding for battle with a surge of COVID-19 cases, they also need to continue their fight to maintain strong cybersecurity and protect patient privacy. 

This is especially true given the fact that some healthcare workers may be more apt than usual these days to try to ascertain patients' coronavirus status by improperly accessing their electronic health records.

WHY IT MATTERS
Recognizing this, CynergisTek on Friday announced that it has updated its Patient Privacy Monitoring Services to help providers be more proactive in identifying hospital insiders seeking information they're unauthorized to access about coronavirus and COVID-19. 

Learn on-demand, earn credit, find products and solutions. Get Started >>

Given the ongoing spread of the virus, the risks it poses and the relentless media coverage of it, it's unsurprising that some healthcare workers might try to glean private information about patients' status – potentially compromising their privacy.

To better serve its existing PPMS clients, CynergisTek says it has put in place customized rules, built around artificial intelligence and behavioral analytics, to specifically identify insider behavior related to the coronavirus and COVID-19 

That the same methodology is historically used to monitor activity around VIP patients such as actors, government officials and athletes, the company notes.

The PPMS service – which is provided by a team located in CynergisTek’s Austin, Texas-based Privacy Operations Center – can effectively identify and manage client privacy incidents using near real-time data with a low rate of false positives. 

With the service, CynergisTek is able to proactively identify aberrant activity in EHRs, help providers with investigations and offer employee training to reduce the overall number of patient privacy violations across the enterprise. 

THE LARGER TREND
As has been often shown, insider snooping is a major concern for hospital security leaders, even in normal times. 

When celebrity patients such as Kim Kardashian and George Clooney are involved – or headline-grabbing phenomena like coronavirus – the privacy stakes are even high higher. 

Given that coronavirus is probably the most discussed topic in the world at the moment (and celebrities such as Tom Hanks, NBA players and the first lady of Canada now being diagnosed), health systems have to be on guard for potential insider breaches. 

ON THE RECORD
"Our clients are on the frontline of the COVID-19 response," said CynergisTek CEO Caleb Barlow in a statement. "As they scale, they are opening up access to medical records for staff and vendors that are working remotely, turning up temporary facilities, and deploying telemedicine solutions. Each of these initiatives comes with inherent security and privacy risks. We started scaling our Privacy Operations Center in November of last year and we are leveraging that additional capacity to handle inbound requests for privacy monitoring related to COVID-19."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Healthcare IT News is a publication of HIMSS Media.

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.