Data Protection and Privacy key theme at AHIMA20

Last week John Lynn and I had the opportunity to attend the annual AHIMA conference (#AHIMA20) which was held virtually. After attending numerous sessions over the three-day event, it was clear that data privacy and protection was on the minds of event attendees.

In addition to the dedicated privacy and security track, a quick scan of the other presentations showed that protecting patient data was a key topic in the AI, SDOH and Informatic/Analysis and Data Use tracks. It’s not surprising given the growing awareness of health data security amongst patients and regulators.

Surprising source of breaches

One surprising fact that many patients may not realize is that the most common form of privacy breach remains paper records. Yes, that’s right PAPER records.

In her session “Data Breaches & Privacy Officers: Studies of Their Characteristics and Those Who Report”, Amanda Walden, a faculty member at the University of Central Florida in Orlando, FL presented the slide shown on the right.

You could almost hear jaws dropping over the Internet.

Walden referenced a 2018 study published in The American Journal of Managed Care where researchers looked at the data breaches reported to the HHS Office of Civil Rights from 2009 to 2016 and found that paper records were the top source of data breaches in hospitals. However, paper breaches were found to affect the least number of patients especially when compared to the thousands of records that were impacted with a breach of electronic records.

I found this statistic shocking on two fronts. First, I did not realize there were still significant numbers of paper records being used in US healthcare. Second, I had no idea that they were so frequently breached. I had the notion that paper records were somehow more secure than electronic ones given they were not susceptible to phishing, viruses or other electronic forms of attack.

Device security goes beyond clinical areas

Immediately following Walden’s session, I attended Ty Greenhalgh’s presentation “Medical Devices – An Open Door to Harm Networks and Patients” and the surprises continued.

This was eye-opening for me. I never really considered all the devices in other areas of a hospital, like the cafeteria and main lobby. As Greenhalgh points out, those devices are just as important to secure as the ones in the patient rooms because all of them operate on the same network and are thus interconnected.

Compliance with HIPAA is not the same as trust

By far my favorite comment from AHIMA20 about privacy came from the opening panel discussion:

The panel put into words what many HIM and Health IT professionals have known intrinsically – that compliance with HIPAA doesn’t necessarily equate to being a trustworthy organization. Trust means so much more than how you treat healthcare data. According to the panel, trust is the most important form of patient currency right now and without that, healthcare organizations cannot grow.

Most interesting AHIMA20 sessions

One of the most interesting session at AHIMA20 was “No More Wristbands” that showcased IDION’s skin-applied patient identification technology. This was essentially a patch that was printed (painlessly) onto the patient that had all the same information as a wristband. Patients found it far more comfortable and clinicians (nurses especially) found the patches much easier to use. More on this in a future article.

Another interesting (and enjoyable) session came from the Office of the National Coordinator (ONC). Stephen Konya moderated a panel that spoke about FHIR at Scale.

Fun Stuff

In addition to the educational sessions, there were several fun things that happened at AHIMA20.

CorroHealth, the newly formed company from the merger of: TrustHCS, Visionary RCM, T-System and RevCycle+, published a series of #AHIMACarTalk videos – the socially distant version of last year’s super-successful #AHIMARoadTrip campaign.

There was also MRO’s chocolate pick-me-ups that they sent out:

The best was this short video via himagine solutions that featured none other than “The Hoff” himself – actor David Hasselhoff.


AHIMA20 was well run, easy to navigate and I didn’t experience a single technical issue (a rarity). I can honestly say it was nice to get back to live-tweeting sessions after a long self-imposed hiatus over the summer.

It was also fun to be able to coordinate event coverage with John, something we have not been able to do since last year. He met with a number of vendors and wrote several great articles from his discussion:

About the author

Colin Hung

Colin Hung

Colin Hung is the co-founder of the #hcldr (healthcare leadership) tweetchat one of the most popular and active healthcare social media communities on Twitter. Colin speaks, tweets and blogs regularly about healthcare, technology, marketing and leadership. He is currently an independent marketing consultant working with leading healthIT companies. Colin is a member of #TheWalkingGallery. His Twitter handle is: @Colin_Hung.

1 Comment

Click here to post a comment