Everyone who works at BWH – whether involved in patient care, research, support services or administration – is responsible for maintaining patient privacy. Respecting and protecting our patients’ information is a critical part of our commitment to them. In order to uphold this commitment, the BWH Privacy Office is proactively auditing patient records to monitor for inappropriate access in 2017.
Because BWH is known worldwide for our innovative and lifesaving work, our staff members have the privilege of caring for many of our own family members, friends and colleagues, as well as individuals who are well-known. It is a violation of the Brigham’s policies to access a patient’s electronic health record without a clinical or business reason to do so.
It’s important to note that even searching only a patient’s name can be considered an “access” of a record, as the search returns patient demographic information, which is also protected by federal law. In many cases when information is inappropriately accessed, the Privacy Office needs to notify the patient in writing of the incident, as well as governmental authorities.
Partners eCare enables the Brigham to track access and record each click of any user who views and interacts with a patient’s record. Individuals who access medical records outside the scope of their work are subject to disciplinary action, including termination. Violation of patient privacy is also a federal crime.