Clever Tech, HIPAA, and You
There’s a new cloud-based service now in beta that immediately brought to mind HIPAA and how we might adapt such a service to help advance the safety and security we need in healthcare communications.
Called babble.ly, this new service allows you to enter a phone number into a box on their Google-simple home page. It then generates a link you can post online when you need to make your phone number available. (If you’ve ever used Bit.ly to shorten a URL for Tweeting, you’ll get the idea.)
They create a free, disposable link to the phone number you entered. You can then copy that link and post it online: on Facebook, in Tweets, in forums, in e-mails, or on your web site. When the link is clicked, babble.ly connects to your number. Your number remains private and you can revoke the link whenever you want. (Would be very useful with smart phones, VoIP, Skype, etc.)
Besides the obvious telemarketer and phone surveyor avoidance benefits, this tool suggests the as-yet-undeveloped software possibilities which could enhance patient privacy and address cloud-based HIPAA concerns. For instance, if I can post my cell phone number in an e-mail to a patient without worry that access to that number might get scattered across the global e-mail winds, I can more comfortably allow access to folks who I know really need it.
Once that access is no longer relevant, the link gets revoked. Even if the e-mail goes YouTube viral, my phone isn’t hammered with superfluous pranksters, conspiracists, and nothing-better-to-do-ers.
OK, that’s one new answer to some small portion of privacy concerns, though it isn’t enough for HIPAA. Maybe there’s some similar approach we can use for healthcare, maybe on the possible nationwide web that is just for healthcare. (I’ve heard this is being discussed.)
HIPAA regulatory entities could control the inputted data – and access thereto – be it phone numbers or other health data. We wouldn’t have to entrust babble.ly or Google or any private company without public oversight to watch guard the info. Maybe health record banks could be the guard dogs and provide the de-identifying access and connection enablement.
There are bound to be more and more of these creative ways to enhance digital security coming down the pike, whether designed for healthcare specifically or otherwise adaptable to our needs. I’m thinking that these best-of-breed answers, as they crop up, need to be engaged and supported by us grunts. (I’d really love to see them integrated into the Extormities of the healthcare world – in a non-proprietary fashion – so that we can all move into a secure digital future, not just those of us with the right exclusivity contract.)
We as providers need to start thinking of how we can reach out to our digitally-adept clients, securely. As their desire to connect with us electronically expands, along with their capabilities for doing so, we don’t want find ourselves technically behind the curve.
If they reach out to us in non-secure ways, we really need to understand the privacy and security issues sufficiently so that we don’t follow them into unsecure paths and fall prey to the HIPAA Violations Police from our own digital ignorance.
From the trenches…
“Publication is a self-invasion of privacy.” – Marshall McLuhan
Dr. Gregg Alexander, a grunt in the trenches pediatrician at Madison Pediatrics, is Chief Medical Officer for Health Nuts Media, directs the Pediatric Office of the Future exhibit for the American Academy of Pediatrics, and sits on the board of directors of the Ohio Health Information Partnership (OHIP).