Community Health Systems owns or operates over 200 hospitals in the United States. Almost half of their hospitals are recognized as “Top Performers in Quality Measures by the Joint Commission”. They are also participants in a Patient Safety Organization (PSO). According to Community Health Systems,
“PSOs were authorized under the Patient Safety Act of 2005 and are designed to improve the quality and safety of U.S. healthcare delivery. By providing both privilege and confidentiality, PSOs create a secure environment where clinicians and health systems can collect, aggregate and analyze data, thereby improving quality by identifying and reducing the risks and hazards associated with patient care.”
Oops. Bloomberg that tells us that their data is not secure. The data was hacked. The article points out how
“Medical records are extraordinarily valuable for identity theft, as they contain all manner of personal information needed to take out credit and receive services in victims’ names. They’re most valuable, ironically, for the non-medical information they contain.”
Doesn’t it seem inevitable that despite the efforts of HIPAA more data will be compromised? Unfortunately, our current healthcare system is obsessed with collecting a lot of data on every patient and sending it to out to several entities like the large corporate headquarter of the hospital or to an insurance company or CMS. The data includes not only your name, birthday, social security number, address, phone number and insurance number. It may include your credit card number. It certainly includes many diagnostic and procedural codes that now define you to the payers and planners. Many of the codes are inaccurate.
The collection of this data is dangerous not only because it is inaccurate and can be compromised. It is also dangerous because it takes a lot of time and effort to collect it. Filling out the Electronic Medical Record with these codes is a high priority to your doctor and hospital and it detracts from the real work of caring for patients.