Monday, November 07, 2005

Scary Indecision

When I speak at conferences, I always ask who is in compliance. Nearly every hand comes up, but by the end there are enough of the same dozen questions to let me know that far too many of us are not. Here is a horror story from WZZN in Grand Rapids, MI:

We looked at about a dozen unlocked, ungated dumpsters and found information in about half of them. The private information came from a handful of locations, out of tens of thousands of medical providers in Michigan. But, health care privacy laws are in place to make sure no personal patient information gets out.

If I were a greedier man, I would do a combination of dumpster diving and wardriving, and sell that information to a hungry litigator. Instead, I am working on the side of the angels, trying hard to nudge the healthcare world into the 21st century. Please, don't think that you can roll the dice, and just slide by with compliance. It isn't just HIPAA that will rise up and bite you: at least 16 states have far more draconian laws on the books.

No comments: