Sarah E. Coyne quoted in article “Keeping your peer review information protected and secure”Credentialing & Peer Review Legal Insider 12/01/14
Below is an excerpt:
In addition to ensuring that peer review information remains protected, it’s equally important for hospitals to take appropriate steps to secure the information.
If peer review information is ever improperly disclosed, Coyne says MSPs should escalate the issue to medical staff leadership and hospital administration. “Also, MSPs should not forget to inform any provider who may be identified in the leaked information so that they do not find out from an external source.”
Although file encryption is not required by federal or state peer review law, it is required under HIPAA if patient health information (PHI) is involved, Coyne says. If encryption is not feasible, an organization must have written justification for why it’s not and state what reasonable alternative it has implemented. She advises, though, that it’s a good idea to encrypt data even when not technically required.
Originally published in Credentialing & Peer Review Legal Insider, December 2014