When healthcare information are breached and compromised, healthcare organizations are tasked to report such incident to the US Department of Health and Human Services (HHS) Office of Civil Rights, which is tasked to. When 500 or more records are involved, the HHS Office of Civil Rights must publicly post it on its official website, which is dubbed as the “wall of shame”.

Importance of Health Records

Health records containing one’s medical history are as important as— and sometimes, even more sensitive than— text and email messages. The Office of Civil Rights’ primary duty is to ensure the safety and the privacy of these documents as mandated in the Health Insurance Portability and Accountability Act (HIPAA). Aside from that, it is also responsible for providing efficient transparency that is intended to help patients obtain a much-needed awareness.

However, the current format of HHS Office of Civil Rights’ wall of shame fulfills neither of the two main reasons for its establishment.

Failure to Protect Patients’ Privacy

There are many factors that cause privacy breaches from time to time. The HHS Office of Civil Rights reports all privacy breach incidents on their website but it does not state how the documents were compromised. Moreover, the website also does not indicate the organizations or groups responsible for the breaching activities. In such case, the public shaming does not really occur. This quite does not help in preventing these incidents from happening in the near future.

With this system, patients are not necessarily freed from the fear of having their personal medical databases compromised. In line with this, there is a need for HHS Office of Civil Rights to amend its website and publish further details about the database breaches. Furthermore, American patients prefer for it to disclose publicly the ruling for each case and the resulting penalties for all violators.

As a government entity established for the protection of people’s rights, the HHS Office of Civil Rights also need to lead the campaign against medical record breaches. Instead of keeping up with the culture of finger-pointing, the HHS shall begin its efforts to investigate thoroughly the roots of every case at hand in order to create a breach-free healthcare database system.