We desperately need a tool to reduce our exposure to data breaches. I have a physician friend who was hacked through a third-party software vendor and was held responsible for tens of thousands of dollars in notification fees and credit monitoring. He got off lucky; I have over 11 thousand patients in my database from 1997.
In this day and age, I want to remove patients from my database, or at least their PHI, if I have not seen them in XX years. In my state, I am only required to maintain records on patients for 7 years or 7 years past the age of maturity (18).
Data breach insurance is totally inadequate and expensive for those of us with large databases. I just want to remove them and not be responsible moving forward.
Key point: I have a lot of documents scanned into the Doc Ctr. So, for the PHI to be totally gone, I would need to remove these records as well.
Thank you for the recommendation; we are always looking for ways to improve the product. We will consider this for a potential future release.
Going along with this, we have had archived patients calling us due to being contacted from our patient newsletters. We have sent out multiple updates about our office operations throughout the Coronavirus Pandemic, and we recently found out that the newsletters were going to archived patients. I think that when a patient is archived, all of the contact preferences should be voided. The system should skip over them when sending out mass emails. Or it should automatically delete their email addresses if they're archived. Archived patients should not be receiving communications from our office.