Health Discussions and The Impact on Privacy
When we first learn someone in the family is seriously or chronically ill, we experience an emotional rollercoaster. Fear, concern, love and sadness ripple through the family, as everyone tries to digest the news. Urgent phone calls ensue. Group texts and emails laced with details on our loved ones’ medical conditions buzz throughout the family and friends, all anxious to know how the patient is doing and how they can help. Patient’s family are not the only ones to go into non-stop communications. The patient’s healthcare providers go into fix-it-now mode, communicating with colleagues and the family at hyper-speeds. You can read my earlier blog to explore healthcare provider text messaging habits and privacy concerns. Suffice it to say, today’s healthcare providers don’t hesitate to use text messaging to exchange information on patient status, lab results and prognoses. I saw this first-hand at a recent office visit with my Mom’s wonderful doctor. As we discussed Mom’s condition, her doctor pulled out two smartphones and a tablet and sent text messages to three different specialists consulting on her condition. The big question looming over all these communications that none of us ever think about is – how safe is the sensitive medical information we share?
We Need a Safe Hive
The truth is when Dad has a heart attack or a sister is in a car accident, we don’t think about the safety of the data we share. We react. Privacy and data security couldn’t be farther from our mind in these moments. Rightfully so. We simply start reacting and sharing information within our family beehive. We talk freely, express emotions and put our heads together on what is needed for recovery and long-term care. The family beehive is all about family support. And you can bet we give the healthcare community any information they need as fast as possible. Today, this usually means texting the information. Unlike healthcare providers, family members are not subject to the privacy and security mandates in the Health Insurance Portability and Accountability Act (HIPAA). However, there is a huge market for medical information, drug prescriptions, social security numbers and credit card numbers on the dark web. Cybercriminals are mastering how to invade devices to steal this exact type of information we bandy about in our family beehives during a health crisis. The recently announced Yahoo breach should be enough to make everyone reading this blog cringe when they think about what has been shared in their family beehive.
Financial and Legal
Abrupt, upsetting news about a family member’s failing health can trigger touchy financial discussions too. Will the patient have enough coverage and money for rehabilitation, ongoing medications, and long-term care? Conversations on family members’ chipping in for care costs if the patient is low on capital can quickly erupt into private, emotionally-charged communications. You guessed it – much of which happens on unsecured digital devices. We share patient primary insurance, Medicaid and Medicare coverage data among family members, payers and medical administrators using text messaging throughout an illness. Who stops to think about the information safety? In addition, legal documents on medical and legal decision-making on behalf of the patient must sometimes be signed. Doctors, family members, and lawyers exchange information on the patient’s mental capacity, finances and balance sheet. Do not resuscitate, organ donation and which child will make medical decisions if the patient is unable to, are all very private discussions that should be secure.
Under HIPAA guidance, if the patient doesn’t object, healthcare providers can provide protected health information (PHI) to family and friends involved in the patient’s healthcare or payments. In many families one person steps up to be the care “hub”, taking over to interpret medical advice, manage the patient’s care and keep the family informed. Whoever becomes the “hub,” signs up for a very important, but overwhelming, job. For months and even years, they will regularly email and text about PHI with family, doctors, nurses, post-acute and long-term care health providers. Their computers and mobile devices will be chock full of PHI. Yet, most will probably never think about the risk of data loss or hackers.