Breach Prevention, Notification Insights
In an exclusive interview during the American Health Information Association's 2010 Legal EHR Summit, where she was a featured speaker, Roe advised provider organizations to:
- Consider encrypting portable devices and media as an important way to prevent breaches.
- Create a team that would be involved in responding to any breaches that occur. The team should include representatives from many departments, including legal, compliance, information technology and public relations.
- Regularly revisit all security safeguards in place to ensure they are adequate. That way, if the organization has to report a breach "you can tell a positive story" about the preventive steps you took.
- Update risk assessments whenever there is a change in business practices, new technology is implemented, or the region served grows.
Roe is principal at The Health Law Consultancy, Chicago. Her nearly two decades of experience includes working on health information technology initiatives, health information privacy, data security and electronic transactions, among other areas. She is a member of the American Health Lawyers Association, the American Bar Association and a fellow with distinction in the Life Management Institute.