PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
December 2006

Perspectives: Lack of enforcement undercuts HIPAA

Without enforcement or financial incentives for compliance, HIPAA is toothless. I recently had an enlightening meeting with some of the physicians at my organization. I originally called the meeting to discuss the upcoming deployment of RFID-based, single sign-on authentication tokens in their department. We were supposed to talk about how this technology was going to make accessing clinical data easier, make our electronic records more secure and provide better HIPAA compliance. It was supposed to be a win-win situation. I was wrong. As I began to explain the benefits of the technology, the head physician cut me off. He bluntly said he didn't believe HIPAA was important and that he would not follow any policies because he didn't believe anyone would indict a physician over a security violation. He said all of the physicians in his area shared their passwords, and sometimes one physician would remain logged in on all of the department's computers so everyone had access to applications. I explained this action was a violation of ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue