Insider Snooping is Alive and Well

Joe Weinlick
Posted by

Patient privacy in large health care systems can be difficult to protect as workers may access a patient's medical records dozens of times per day. Insider snooping into personal files presents health care companies with confidentiality nightmares that breach the trust of patients, families and loved ones of those affected.

West Virginia United Health System takes patient privacy very seriously. Administrators have several checks and balances in place to ensure workers do not breach anyone's privacy. The system consists of six hospitals and dozens of medical offices, and each facility goes through rigorous processes to keep medical records as private as possible.

These practices start with the training of new employees. West Virginia United Health System has a privacy officer who delivers a presentation to all new hires at orientation. The officer goes over company expectations and the responsibilities each worker has with respect to patient privacy.

The system disseminates monthly security reminders that originate from the privacy officer and hospital security. Additional messages are posted to electronic bulletin boards. Patient privacy advocates within the organization give regular presentations to management and leadership teams.

Perhaps the most stringent aspect of West Virginia United Health System's confidentiality push are the audits that occur almost daily. The corporate IT infrastructure includes software that compiles data and statistics on the millions of times patient files are accessed annually. It then runs reports which, in turn, are analyzed by a patient privacy team that makes recommendations based on the data.

These initiatives may be running smoothly as of 2015, but they are the result of years of planning that go beyond technological innovation. Management began taking patient privacy seriously years ago, and leaders work to improve the processes continually. Every employee in the organization strives to make patient confidentiality second nature.

While technology can provide solutions to protect privacy, it can also create issues. Google and Apple have worked with health care privacy experts to produce mobile apps and programs for the health care industry. Software run on iPads, iPhones and Android devices creates easier access to patient records while maintaining standards of the Health Information Portability and Accountability Act. Portable technology is standard in hospitals and other health care facilities, and the software must be able to work with both existing computer systems and internal wireless networks.

One way Google and Apple protect confidentiality is by encoding the transmission of data through networks, giving access to records only to certain personnel who have the proper credentials. Each device and app has authentication protocols and timeout systems to protect patient privacy in the event a portable device gets lost or stolen.

Patient privacy continues to be a leading concern in the health care industry as incidences of insider snooping can occur anywhere, from a janitor or cafeteria cook up all the way up to a director of nursing. When files become more accessible thanks to device interconnectivity, health care systems must adapt to keep prying eyes away from other people's business.


Photo courtesy of stockimages at



Become a member to take advantage of more features, like commenting and voting.

Jobs to Watch