Protection of Patient Data

The protection of patient data is important for a number of reasons.  First, it is the law of the land:  HIPAA mandates that patients’ personal data remain protected from illegal disclosure.  Second, there is an explicit trust relationship between professional health workers and patients- this relationship is built upon the premise that private, confidential data should remain in that state.

There are numerous ways that private patient data can be released: A nurse (or other health professional) could make a public comment about a patient (not explicitly identifying him/her) but giving enough information for others to know; a health professional could leave a computer on, failing to log-put and exposing patient data to anyone that walked by; finally, an individual might leave a medical record out in an unattended area that could lead to a loss of patient data.

One of the key principles to avoid such error is: pre-emptive thinking. Often times, clinicians are so focused on dealing with patients or looking at test result that they fail to inculcate a culture of sensitivity surrounding patient data.  In order to construct this type of culture, numerous precautions can be put in place.  First, safeguards and automatic warnings can be installed on computers when a user is looking at sensitive data but fails to sign out within a specified period of time. In addition, certain areas could be designated as “medical record” areas that would be located throughout the hospital.  This would not only have the advantage of centralizing where records could be seen, but it might also prevent the wondering of records into places where patient data could be lost.  Finally, compliance classes for HIPAA (which are already part and parcel of most hospital training programs) could be strengthened.


HIPPA Law Text (2013).  Available at: US Government Documents.

Patient Protection Act.  Available at: US Government Documents.