Sticky Notes: Potential for Trouble!

The idea for sticky notes was conceived in 1974 by a gentleman by the name of Arthur Fry. He was looking for a way to hold the bookmarks in his song book while singing in the church choir. 

He worked at 3M and was aware of a co-worker’s accidental invention of a light sticky tape substance. He put two and two together and the sticky note was born.

What’s not to love about sticky notes? They’re inexpensive, easy to use, and serve a critical function whenever we need a bright yellow physical reminder stuck on our desks.

The problem with sticky notes is that they can have a dark side that many people aren’t aware of: they’re insecure and anyone can read them.

For most applications, sticky notes work just fine – but when you’re dealing with HIPAA-sensitive information, they can be your worst enemy – especially if an auditor happens to walk into the office for a surprise inspection and sees confidential client medical data written on a sticky note attached to a computer monitor.

While most people who work with HIPAA-sensitive information have been given training about the importance of client privacy and keeping their medical information secure – there are times when one might inadvertently jot some client-sensitive medical information down on a post-it note while on the phone – with the best intention of throwing it away at a later point in time.

HIPAA and HHS fines are continuing to get higher and higher as the years go by, and just a single fine can put an agency in serious financial jeopardy.  As technology progresses, state and federal regulators are only going to require more and more stringent security measures throughout the office.

Here are three things you can immediately do to help lessen the risk of violating HIPAA and other client-data laws:

1.      Look into the mirror – Change starts from within and sometimes a long hard look at office policies and procedures will uncover instances where HIPAA or other laws are inadvertently being violated.  An internal office audit could uncover some blatant violations, even if they’re “best intentioned.”

2.      Communicate with your team-  Team members may think that because something isn’t being communicated – it’s not that big of a deal. It’s important to re-affirm your commitment to keeping in compliance by vocalizing this to your team members at least once a quarter.  You could even write a reminder down to protect sensitive client data on a sticky note!

3.      Implement a “clean desk” policyCSOis a website that’s dedicated to security. It states that the biggest security risk in an office is a messy desk. Things get shuffled around and lost – including client data!  If you implement a clean desk policy in your office, it will reduce the chances of sensitive data from being mishandled.

There’s one other way to ensure your client data is protected: implement software that was specifically designed for agencies.  Sensitive client data is stored inside the secure software database instead of on a sticky note or loose piece of paper on a desk.  If you’d like to learn more about how Intuition by Vertex can give your agency the peace of mind when it comes to compliance, give me a call (614) 318-7100 to schedule a no-obligation 10 minute demo.

Contact Us!

Enter the characters shown in the image.