How safe is the patient information on your PDA?
While it's easy to misplace a handheld computer, you can take some simple steps to protect yourself
Copyright © 2002 by the American College of Physicians-American Society of Internal Medicine.
By Bryan Walpert
| Related resources: |
Like many physicians, Nirav R. Shah, ACP-ASIM Associate, knows how easy it is to lose a handheld computer. A research fellow who is also pursuing a doctorate at the University of California, Los Angeles, Dr. Shah left his Palm in a classroom about a year ago. When he returned, it was gone.
All turned out well for Dr. Shah when someone returned the missing device. But he is far from the only physician to forget a personal digital assistant (PDA).
"Unfortunately, PDAs are easy to steal," said Dr. Shah, who said that he knows two residents who had their handhelds stolen from a call room. "It's a computer, it's tempting and it's small."
There are no reliable statistics on how many of the nearly six million PDAs shipped last year were lost or stolen. But according to Safeware Insurance Agency in Columbus, Ohio, more than a half million laptop computers were stolen last year.
Because of their size, PDAs "are definitely more at risk than laptops," said Brian Haase, commercial marketing manger for Safeway. "You need to guard them like a purse or your wallet. They are a hot little item."
The portable nature of handheld computers raises even more important security questions for physicians who keep patient names, demographic data, diagnosis codes and lab results on their PDAs.
"There is a significant concern that if these devices are lost at a supermarket, others will be able to get hold of them and access that data," said Steven S. Lazarus, PhD, president of Boundary Information Group, a Denver-based consulting company for the health care industry.
Passwords and other simple solutions
With privacy provisions of the Health Insurance Portability and Accountability Act (HIPAA) scheduled to take effect this April, you need to be even more vigilant about protecting patient privacy. Leave your PDA in an airport or supermarket, and you could face penalties of $100 per violation, up to $25,000 per year.
Even more importantly, you could leave yourself wide open to a malpractice claim. Because HIPAA regulations now establish the "standard of care" for privacy in writing, lawyers will likely argue that physicians who take no precautions to protect information on a portable computer are negligent.
"You have to make reasonable assurances and not just leave your laptop sitting around. If you know you are forgetful about your PDA, you may need to be more cognizant of where it is," said Tynan Perschbacher, a consultant with Gates, Moore & Company, an Atlanta-based health care consulting firm. "Instead of leaving your gym bag in an unlocked area with a PDA in it, put the bag in a locker and lock it up. Some of this is not rocket science."
Another obvious step: Use the optional password protection provided by both your PDA and the software that contains patient information. Many physicians don't use password protection because it is inconvenient.
"Most of the physicians I talk to who carry PDAs around don't use a password to unlock their machine every single time," said Michael Palmer, a Boston-based partner in the health care practice of Accenture, a management consulting firm that specializes in information technology issues. "They should, but they don't."
Consultants recommend using "strong" passwords when possible: at least six characters and a combination of letters and numbers. "Don't use your pet's name, your name, your maiden name or anything a hacker would conveniently stumble across in trying to break the password," Dr. Lazarus said. "It also should not be taped to the back of the PDA."
While passwords will prevent the casual thief from pilfering patient data, they are unlikely to thwart a good hacker. As a result, some companies are now working on biometric security techniques such as fingerprint identification systems.
Identix in Minnetonka, Minn., for example, sells a fingerprint reader for PDAs for $175 per device. Mr. Palmer predicted that fingerprint security will eventually become a regular feature on handhelds.
'Time bombs'
Application vendors are putting their own safeguards into place. For example, physicians using prescription-writing software from MEDeMORPHUS Healthcare Solutions never store patient data on their handheld computer. Instead, physicians can view patient information on their PDA through a wireless network while in the office, but the information always remains on a server. When physicians leave the office, they can no longer view that data on their PDA.
What about situations where physicians need to store patient information on their handheld? Charge capture software, for example, often allows physicians to download patient information and take it to the hospital, where they can enter diagnosis and procedure codes at the bedside.
Some application vendors like Boston-based MedAptus encrypt all patient data. Even if a determined hacker circumvents the password, the data will be encoded and difficult to view.
Scott & White, a health plan in Temple, Texas, has put many of these safeguards into its system, which allows physicians to view information from an electronic medical record (EMR) system on their handhelds. Both the PDA and the application are password-protected.
Because most physicians view the data via a wireless network, patient information is never stored on handheld computers. As the information flows between the PDA and the server, it is encrypted. And physicians are encouraged to leave their handheld computers at work.
|
'Time bombs' allow physicians to put sensitive information on their PDA, but delete the data after a certain amount of time. |
Physicians can download patient information from the EMR onto a handheld if they are going to see patients at a nursing home that is not linked wirelessly to the system. But in most cases, that data have a "time bomb": Even users who have a password to view the data are blocked from accessing the information at midnight on the day it is downloaded.
Still, it is hard to build a completely airtight system if physicians want to access mobile information. Scott & White eliminates its data time bomb, for example, for physicians on hospital call. The rationale? These physicians sometimes need to look up patient information when receiving calls after midnight.
"I don't think there is a perfect trade-off for security and convenience," explained Raymond Harrison, MD, an internist at Scott & White. If a practice wants its physicians to reap the benefits of mobile information, "there is a small but finite risk" that security may be breached.
Contact ACP Internist
Send comments to ACP Internist staff at acpinternist@acponline.org.