Monday, November 30, 2015

Identity Theft Prevention in Healthcare Tips

With just 1 month left in 2015, healthcare has already seen an astronomical 109 million records breached. That accounts for just a little over 78% percent of the total number of records breached in all sectors of the US economy this year. When you consider that the leading cause of breaches in healthcare this year is due to cyber-crime. In 2014, there were approximately 2.32 million victims of medical identity theft in the US. That is an increase of almost 50 percent over the previous year. Sadly, it is not always cyber-crime that leads to medical identity theft. Employees of healthcare organizations have access to thousands, if not millions of patient records every day. There have been two high profile cases in the news within just the last few months.

In June of this year, local authorities, and Montefiore Medical Center in Manhattan conducted an investigation that uncovered an identity theft ring that included an employee of the medical center. The employee was charged with identity theft, and it is believed that she sold as many as 12,000 patient records between 2012 and 2013. In July, local authorities in Jackson, Mississippi notified Merit Health Northwest Mississippi that one of their employees was potentially involved in identity theft, and was currently under investigation. It is believed that between February of 2012 and June of 2015 this employee accessed the records of at least 810 patients for the purpose of identity theft. The investigation is still ongoing.

What can you as a front line employee do to help protect patient information against loss due to theft? The first step is to understand your access to patient information, and its intended use. Employees of any medical or dental practice are bound by law to access patient information for the purpose of treatment, payment and healthcare operations only. That means you access records when you are involved in the treatment of a patient, or involved in filing claims or collecting payments. In addition to direct patient care, there are healthcare operations that may require access to patient records, such as quality assessments, employee evaluations, legal and medical reviews and employee access monitoring to ensure it is appropriate.

Next, know your environment. If you see something suspicious, or you believe someone else is using or accessing patient information inappropriately, you have an obligation to report such activity. Breaches in general have an enormous detrimental effect on the entity. Those related to insider activity are even worse, further eroding the trust of the patient-consumer. Already 68% of the population does not believe that the healthcare sector does enough to protect their information. The estimated financial cost to the organization for breached records is around $200. However, the cost of a damaged reputation is a very real concern for any business in the US, and healthcare is no exception. In the aftermath of a breach, the high cost of recovery affects not only the bottom line for an organization but the employees as well, through job loss for some and additional hiring and training for others.


Finally, report any suspicious activity from outside the organization. Have you ever been approached about patient information? Have you ever noticed someone wondering around the facility you work in that does not belong, or you don’t recognize? Social engineering is becoming a huge problem in healthcare. It is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. Social engineers are pros at blending in to places they do not belong in order to attempt to gain unauthorized access to patient information. Lock unattended computers, secure mobile devices, and, if you see someone that you are not sure about, report it. It is better to be safe than sorry! 

Ask your administrator to assign you the Identity Theft Prevention course for more detailed training or if you are not a MedTrainer client email us at support@medtrainer.com for more information.

FAQ's: Transitioning from MSDS to SDS

OSHA understands that during the transition to GHS, things could get a little messy. That’s why, during the transition period, a company can be in compliance with old HCS, the new GHS system, or a combination of both. However, more importantly, at no time may an employer be out of compliance with both the old and the new.
We realize that all of this might seem challenging.  That’s why MedTrainer helps organizations comply with Hazardous Communication OSHA requirements in several ways:
  • We offer access to the healthcare's largest library of updated SDSs, including SDSs in the GHS format.
  • We search the marketplace for the most recent SDSs, and upload approximately thousands of new or revised safety data sheets into our system each week. We also give users the ability to upload their own SDSs or request that we retrieve a needed SDS.
  • We flag safety data sheets in our system that are in the GHS format and make it easy to search, track and manage your SDSs across your organization.
  • We provide on-line training on Hazardous Communication and a variety of OSHA compliance related topics.
Wherever you are in your company’s transition toward GHS, the time to get started is now. Download our quick guide to Frequently Asked Questions from transitioning to MSDS to SDS here



Proper Hand Hygiene in Medical Clinics

Proper hand hygiene is the single most important factor in preventing nosocomial infections (infections that occur within the healthcare setting).  The Centers for Disease Control and Prevention (CDC) said it best when they called hand washing the do-it-yourself vaccine. Proper handwashing is one of the most effective ways to reduce disease transmission. It is always a good idea to review the basic principles of handwashing from time to time. Since flu season is underway, now is a great time to review!

The CDC offers 5 simple steps for effective handwashing:

1. Wet your hands with clean, running water (warm or cold), turn off the tap, and apply soap.

2. Lather your hands by rubbing them together with the soap. Be sure to lather the backs of your hands, between your fingers, and under your nails.

3. Scrub your hands for at least 20 seconds.

4. Rinse your hands well under clean, running water.

5. Dry your hands using a clean towel or air dryer. Unless you have a hands-free system, remember to use the towel to turn off the water instead of bare hands.

The evidence base concerning the spread of Healthcare Acquired Infections (HAI) continues to prove a link with the natural workflow of care. The World Health Organization (WHO) has identified five essential moments when hand hygiene is required during health care delivery:

• Before touching a patient

• Before performing a cleaning or aseptic procedure

• After a body fluid exposure risk

• After touching a patient

• After touching patient surroundings

The guidelines are designed to be easy to learn, logical and applicable in a wide range of settings. To read more about the WHO recommendations, visit http://bit.ly/1LUU6FV.


Research has proven that hand hygiene is a challenge in all health care environments, yet it is the one thing which will consistently reduce the likelihood of spreading infection. Could saving a life could be as simple as washing your hands? Yes! Proper hand hygiene protects workers and patients alike. Visit the CDC promotional page for educational materials for patients and healthcare workers and statewide campaigns: http://1.usa.gov/1jBse2u


To get a more in-depth training on proper hand hygiene please ask your admin to assign the “Hand Hygiene” course within MedTrainer or if you are not a client yet feel free to email for more information at support@medtrainer.com