In advance of the AHIMA21 Virtual Conference, we have invited experts to explore their healthcare domains through short blog posts. In this post, Jennifer Mueller, MBA, RHIA, FACHE, FAHIMA discusses how health information professionals play a pivotal role in cybersecurity.

Cybersecurity may be considered the purview of the information technology department, but health information professionals play a pivotal role in ensuring that our patients’ health information is protected against potential bad actors. 

Sometimes we don’t give ourselves enough credit to believe that, yes, we do have the extensive knowledge and expertise to contribute to developing policies related to cybersecurity and information security. 

AHIMA has been decisive on this front, developing education, resources, and policy for both members and our collaborators in the broader healthcare industry. As we head into the AHIMA21 Virtual Conference, I would like to highlight some of the areas where AHIMA has demonstrated its leadership. 

AHIMA21

One of the six educational tracks—called Impact Areas—featured at AHIMA21 is “Protect Patient Data & Privacy.” 

Sessions in this Impact Area address innovations in safeguarding the privacy and security of protected health information. Here attendees will find speakers and sessions dedicated to exploring security challenges in an accelerated world of health information interoperability, portability, and connectivity. 

Check out some of the sessions related to cybersecurity here. 

Policy

AHIMA has also developed a policy statement around the subject of cybersecurity. It is important to convey to those developing future legislation that they must consider the people, processes, and technologies that affect cybersecurity. 

The Cybersecurity and Information Security policy statement lays out five priorities to consider as regulations are developed. 

First, leaders in this space must enhance and improve information sharing of cyber threats, risks, and cyber hygiene practices in real time. Any delays in this could be disastrous and potentially violate our patients’ confidentiality and privacy. 

Another key component of future policy is that it must support an organizations’ ability to keep data confidential, ensure the integrity of the data, and ensure authorized users have timely, reliable access to data (the CIA triad). There must also be strong and clear leadership from the federal government to ensure the harmonization of laws and regulations, including state and federal laws. Not much is more ineffective than inconsistent and conflicting data protection standards of compliance. 

Finally, it is necessary to encourage HI professionals to advance their skills in cybersecurity. Therefore, federal funding and incentives for training or certifications specific to healthcare information security, cybersecurity, privacy are of upmost importance.  

Data breaches are an ever-growing threat in healthcare, and they put our patients at risk of identity theft, fraud, and compromised medical data. 

Leadership

As policymakers seek to address this issue, we must remember that we, the HI professional, have the expertise to offer practical insight. Our knowledge span is wider and greater than sometimes we think about. We know data and how to organize it in a manner suitable for successful interoperability. We know laws and regulations as we have been working under their guidance our entire career. 

Most importantly, we are leaders. We bring the necessary team members together. We know what questions to ask and we can do so in a manner which fosters inclusion and ultimately the development of comprehensive policies and procedures. 

As an HI professional, we are surrounded by over 80,000 other HI professionals who are there to support us. We are also fortunate to have a national association in AHIMA who has our back and advocates on our behalf, as well as for our patients. Our attention to detail is unmatched and our ability to take our expertise into this space is right at our fingertips. As the old saying goes, if you want to learn how to swim, you have to jump in the water. 

Jennifer Mueller, MBA, RHIA, FACHE, FAHIMA, is vice president and privacy officer at the Wisconsin Hospital Association Information Center. She also is Treasurer of the AHIMA Board of Directors.