Dive Brief:
- Kaiser Permanente is attempting to improve HIPAA compliance by making every employee feel responsible for the task, according to Jim Doggett, its chief security officer and chief technology risk officer.
- Doggett says that the key to improving compliance is "training, training, training, and then more training." The idea is to make sure employees understand their role in protecting patient information.
- He's got a lot to protect: Doggett's team works to guarantee the security of about 273,000 desktop computers, 65,000 laptops, 21,700 smartphones and 21,000 servers, plus 9 million member records.
Dive Insight:
Despite its efforts, Kaiser has had breaches of data security; in one high-profile case, 300,000 Kaiser patient records were found to have been stored in a couple's Los Angeles area home. But Doggett's policy in response to such breaches is to require annual training of all staff and physicians, as well as to analyze what happened and notify those affected.