Don’t Let Tech Safety Lapses Sink Your Urgent Care Business

We stress the importance of hygiene and a sterile work environment clinically—that’s what keeps patients and staff safe, after all. However, diligence to tech hygiene and security is just as important to the health of your business, as we can see from a couple of news reports this week. First, eClinicalWorks was fined $132,000 for violating an agreement with the Department of Justice that required vendors to report patient safety issues using their EHR system in a timely manner. This latest fine comes just a year after the company had to pony up $155 million to resolve charges that it falsified EHR certification standards. At the same time, data out of Massachusetts General Hospital show the number of healthcare data breaches has risen every year between 2010 and 2017 (with the exception of 2015, for unknown reasons). While health plans accounted for the greatest raw number of patient records breached, 70% of breach events took place in the healthcare provider environment. The analysis reflects 2,149 reported breaches involving 176.4 million patient records; individual breaches ranged from 500 to almost 79 million patient records. The perceived objective of the data breaches evolved over time. At the start of the study period (in 2010), the most common breach was theft of physical records. By 2017, hacking or “other IT incidents” were the most prevalent, followed by unauthorized access to or disclosure of patient data. The consequences of breaches can run from loss of your urgent care center’s reputation—followed closely by loss of patients and revenue—to actual fines levied under HIPAA. Work with your IT vendors to ensure your systems are secure, and make it a point to have regularly scheduled “check-ups” so they stay that way.