I recently came across a press release – “Veriphyr Donates Patient Privacy Breach Detection Service to Minnesota Hospital” – that gave me pause for two reasons. One being that I am always interested in news of charitable healthcare IT projects; and the second being that the subhead of the release further explained that the donation was made to a children’s hospital. Surely kids aren’t the victims of identity theft to such an extent that children’s hospitals are having to take precautions to prevent this type of crime, right? What could be done with an identity that hasn’t yet stepped into the world of banking, credit and loans?
Apparently, I’m pretty naive, because as a segment on NPR’s Morning Edition recently highlighted, “Identity theft is the fastest growing crime in America. Many identity theft victims are children and, because children don’t usually have reason to check their credit reports, the crime often goes undiscovered for years.” It also referred to a recent study by Carnegie Mellon University that found that more than 10 percent of 40,000 children had been victims of identity theft.
Utah, of all places, was highlighted in the audio segment because its attorney general’s office is piloting an online child identity protection service. I can’t help but wonder if they have ramped up efforts around anything to do with identity theft in the wake of the March 30th privacy breach that affected 780,000 Medicaid and CHIP beneficiaries, and the resultant resignation of the state’s IT director and apology from the governor.
I decided to get in touch with the folks at Veriphyr to learn more about why they chose to donate their patient privacy breach detection service to Gillette Children’s Specialty Healthcare – a Children’s Miracle Network Hospital (CMNH). According to the release mentioned above, the service protects patients’ personal health information by detecting inappropriate access by hospital employees and other insiders. The company uses “big data” analytics to detect potential privacy and regulatory compliance violations, and data breaches.
Alan Norquist, Veriphyr’s founder and CEO, was kind enough to answer my questions:
Has Veriphyr ever donated technology before?
Alan Norquist: “As a corporate sponsor of Children’s Miracle Network Hospitals, Veriphyr donates a portion of each sale to our customers’ local CMNH hospital. The donation to Gillette Children’s is Veriphyr’s first donation of our services to a CMNH hospital.”
Why did Veriphyr choose to become involved in CMNH, and to make a donation to Gillette Children’s in particular?
“The Veriphyr management team wanted to give back to the community and based on the background of the team, they decided to get involved with a charity involving children’s health. We selected CMNH because they offer a program that is national in scope but has local impact. Most importantly, 100 percent of our donations directly benefit children’s health – none is used for CMNH administrative costs.
“Veriphyr decided to expand our involvement by giving our Patient Data Privacy service to one CMNH hospital this year. We chose Gillette Children’s Specialty Hospital because of its internationally recognized work in the diagnosis and treatment of children and young adults who have disabilities or complex medical needs.”
Is there a timeframe or other restrictions associated with donation of the technology?
“Veriphyr will provide privacy breach detection and user access compliance services to Gillette Children’s Specialty Healthcare for one year.”
It seems we read about hospital privacy breaches on a weekly, if not daily, basis. Why does Veriphyr feel they are becoming so frequent? What should healthcare systems be doing to protect themselves that many tend to overlook?
“One reason for the increase in hospital privacy breaches is that criminals have recognized that the value of medical records is greater than other forms of data. The wealth of personal information contained in medical records can be used in a range of criminal activities including medical id theft, tax refund theft, and more. This has made hospitals a prime target.
“In response, healthcare organizations have implemented appropriate policies and training. Now, leading hospitals are taking the next step and deploying proactive services like Veriphyr’s that detect patient privacy data breaches.”
It is comforting to think that hospitals are now taking such proactive steps, especially in light of national news that criminals think nothing of taking advantage of our most vulnerable population.