Doctors’ offices must be wary of data breaches as use of electronic records grows

By Beth Fitzgerald for NJBIZ

As physician practices switch from paper charts to electronic medical records, they’re coming under more pressure to guard against data breaches that deliver sensitive patient records and valuable personal information into the hands of hackers.

Nelson Gomes is chief executive of PriorityOne Group, which specializes in providing information technology for medical facilities. He said he’s concerned that small physician practices, which are the norm throughout New Jersey, aren’t doing enough to safeguard patient information. Federal law requires medical facilities to protect the privacy and security of patient records and in 2013 that rule was extended to the business associates of medical facilities.

Gomes said a small medical practice “needs to understand that just because they are small doesn’t mean they aren’t targets; in fact, they may just be easier targets.”

He tells clients that safeguarding patient data is a continuous commitment. Physicians need to have a plan in place and be able to demonstrate that it’s working: “Your staff needs to be trained and you should be able to prove and document that your staff is trained on how to deal with a breach.”

Read the rest of the article here.