Breach Prevention, Notification Insights

Interview with Kathryn Roe of The Health Law ConsultancyA key step in preventing breaches is to create clear rules for where protected health information can be stored, including strict guidelines for when it can be placed on laptops or portable media, says attorney Kathryn Roe.

In an exclusive interview during the American Health Information Association's 2010 Legal EHR Summit, where she was a featured speaker, Roe advised provider organizations to:

  • Consider encrypting portable devices and media as an important way to prevent breaches.
  • Create a team that would be involved in responding to any breaches that occur. The team should include representatives from many departments, including legal, compliance, information technology and public relations.
  • Regularly revisit all security safeguards in place to ensure they are adequate. That way, if the organization has to report a breach "you can tell a positive story" about the preventive steps you took.
  • Update risk assessments whenever there is a change in business practices, new technology is implemented, or the region served grows.

Roe is principal at The Health Law Consultancy, Chicago. Her nearly two decades of experience includes working on health information technology initiatives, health information privacy, data security and electronic transactions, among other areas. She is a member of the American Health Lawyers Association, the American Bar Association and a fellow with distinction in the Life Management Institute.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.