Advocating for Patient Privacy in the Workplace; Part I – It’s Complicated!

I strongly suspect that a growing number of healthcare organizations are starting to re-shore their HIM functions and I’m very curious about what’s happening behind closed doors.   What would spark this decision when the offshoring of medical records is marketed so aggressively as the ultimate solution to HIM workflow problems.  Who made the decision to bring medical records back to the US for processing? What do these conversations look like?  Did it happen in tandem with a senior management change?  Did the relationship with the vendor go south?


I have so many questions about this because I know that the answers are valuable.  They are the pathway to success. 

Getting these answers is difficult, if not impossible, because important decisions are made within the gilded vaults of business offices in hospitals, healthcare organizations and private corporations and these organizations are notoriously secretive, any information gained is merely anecdotal.  It’s all word of mouth, conjecture and rumor.

And almost no high level decision-maker is willing to admit that they took a big financial gamble, over-exposed their patient populations to what experts call “lawless jurisdictions” or found themselves in some other disadvantageous position when it came to the decision to offshore medical records.

How do we, as patient privacy advocates, replicate the re-shoring of medical records in our own organization if we don’t have a template for success?  We know that in many cases these electronic medical records are returning to a fully HIPAA accountable US workforce.  It's great news for our patient populations, but we need to know why and how these decisions are happening so we can reverse engineer it within our own organizations.

 As I see it, the biggest hurdle for those who are trying to initiate change within their business office is The Sunk Cost Fallacy and how it dictates business decisions.  According to Cambridge Dictionary, The Sunk Cost Fallacy means that a company or organization is more likely to continue with a project if they have already invested a lot of money, time or effort in it, even when continuing is not the best thing to do.”  In layman’s terms, it means to throw good money after bad.

We really hate being wrong, it's universal. Mistakes expose our humanity and make us vulnerable to the judgement of others.  Most of us would rather fall on the sword of our own bad decisions than face the fall-out that comes with admitting fault and changing course.  Managers and executive level leadership are routinely fired for implementing erroneous business practices.  Increased culpability is only one of the downsides of rising up through an organizations ranks and being granted decision-making power.  It stands to reason that the person signing the dotted line of the Business Associate Agreement has the most to lose if the decision they make is exposed to be risky and ill-advised. 

There's no doubt an interesting story behind every decision to bring health information management functions back to a domestically-based workforce.

A little bit of compassion will go a long way when initiating conversations within our organization and if we’re the type of person willing to stick our necks out for the best interests of our patient population's privacy, we’re probably not short on compassion.

This also means, as advocates, we’re really swimming against the current when we decide on a cooperative, compassionate approach that makes room for the perspectives of others.  Because business and corporate culture isn't exactly synonymous with compassion and cooperation.

And while it’s tempting to point fingers at decision makers and declare them “wrong” that’s not what’s going to advance our agenda as patient privacy advocates.

boy-child-clouds-346796 (2).jpg

What do we do?

We play the long game. 

We do our jobs to the best of our ability and we stay engaged.

We educate ourselves and we wait for pivotal points to start conversations with the decision-makers of our organization, we learn to identify shifts in direction and when it’s appropriate to speak up, we speak up in the spirit of cooperation.  We speak up in the best interest of our patient populations and we say, “there is some new data regarding the offshoring of medical records, can I email it to you?”  or “I’ve printed some articles from security experts regarding HIPAA limitations when records are offshored, do you have time for a meeting?”

We must also never, ever apologize for bringing this information to a superior’s attention.   It doesn’t matter where you are in any organization’s food chain, you have the inalienable right to express your opinion.  You are also tasked with the responsibility of doing so respectfully if you want to keep your good standing at your job.  It’s a delicate balance, it's really not easy.  But it’s so worth it.

Speaking truth to power is a risk and no one wants to lose their job or be branded as a trouble maker.  Advocacy in the workplace isn’t for everyone, but if you feel the call to speak up on behalf of your patient population and you don’t know where to start, please feel free to contact me. Better yet, suggest that your boss email me and I’ll advocate for your patient population personally, at no cost.  If you have about 27 minutes, watch my webinar or print out the FAQ page.  These resources are free, as is any additional guidance from me.  I hope to hear from you!