In addition to providing the best medical care for patients within your healthcare facility, ensuring the safety and security of staff, patients, and visitors is a high priority.
Working with all members of the public, often in emotionally charged situations, hospitals and clinics can be hot beds for incidents of violence and aggression. Unfortunately, the issue seems to be intensifying. A 2022 American College of Emergency Physicians poll of more than 30,000 emergency physicians found that witnessed emergency department violence had increased by 24% compared to figures reported in 2018.
There are a variety of reasons for the increase in violence in the healthcare environment, including low staffing, long waiting times for treatment, and inadequate training for staff in dealing with potentially aggressive patients. There is also a need to tackle the challenge head on, meaning that a robust security strategy is necessary. This involves monitoring areas within your facility using a range of devices, including network surveillance cameras which can be fixed or wearable.
Fixed cameras are ideal to ensure continual coverage of specific areas, yet discreet, wearable cameras are also increasing in popularity. These devices can document incidents from the wearer’s perspective, and they can also aid the de-escalation of potential incidents.
However, is recording footage from wearable cameras compliant with data privacy laws such as the Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR)? If so, how should you manage captured data to ensure compliance?
Wearable cameras find many applications in healthcare facilities
Wearable surveillance devices have historically been worn by law enforcement officials, but more widespread sectors, including healthcare, are seeing the benefits of body worn cameras. Medical organizations are increasingly adopting wearable cameras to not only improve safety and security by reducing workplace violence, but also for training purposes. Video images from these devices can also provide protection for your facilities by preventing fraudulent claims and addressing unnecessary use of force allegations.
For the wearer, using a body worn camera is relatively simple. If a member of your staff finds themselves in a situation where they feel that their own safety, or the patient’s safety, is at risk, they can press a button to start recording.
If the situation allows, it’s good practice for the camera wearer to inform those present that they have started recording. In an emergency, this might not be realistic, but this added declaration could assist a subsequent investigation. Moreover, this communication has the potential to de-escalate a developing situation, as aggressors might modulate their behavior when they know that their actions are being recorded. If required, informing a patient that recording has started could also help to ensure that the camera wearer has patient consent.
The integrity of video data can be enhanced by applying authentication at the point of capture. By using signed video technology. This adds a cryptographic checksum to the video, supplying proof that the footage has not been edited since it left the camera. Should the video scene be required for an investigation, this checksum can demonstrate the veracity of the events.
Once recording from a body worn camera has stopped, the video immediately becomes part of your patient’s medical records, making it subject to privacy regulations. For this reason, it’s vital to understand local regulations and their impact on how video data from a wearable device will be stored and handled. Crucially, this also means it’s vital to choose the right wearable solution that supports data management according to the local regulations.
What does HIPAA and GDPR mean for patient data?
Maintaining patient privacy is critical, meaning that data held by a healthcare provider must be compliant with regulations relevant to the jurisdiction. This includes HIPAA in the United States of America or GDPR in the European Union.
These regulations require patient information, including video and data captured by body worn devices, to be handled according to certain procedures. This includes how the data is stored, how it is accessed, and who can view the records. Failure to comply can result in significant fines and reputational damage. Fortunately, there are straightforward measures that you can implement to protect data and enhance security.
The importance of robust security policies
Recording protected health information (PHI) is not in itself a privacy violation - unless the recordings are improperly disclosed. Maintaining compliance must be a key priority for your organization and the only way to ensure this is to have comprehensive and robust security protocols, policies, and procedures in place. This should not only cover authorized access to view patient records but must also prevent data from falling into the hands of cybercriminals.
These policies and procedures are only useful when all your staff have been trained and are familiar with how to follow them to remain compliant. These policies also act as a single source of truth which your staff members can reference to ensure behavior is consistent. Adhering to these policies will not only keep patient data safe, but it will support your facility in avoiding fines and lawsuits from failures to comply with regulations.
Choosing the right wearable solution to fit your needs
Wearable surveillance solutions can form a key part of your security arsenal by acting as a low-profile method of recording footage within your facilities. They can support the health and safety of your staff, as well as patients, and can also be used to provide evidence in the event of an incident.
To achieve these advantages, it’s important to choose the right solution to meet your needs, ensuring that it is reliable and supports your intentions of keeping patient data safe through encryption and robust cybersecurity. Whichever surveillance solution you use, you must also have the right policies in place so that any footage recorded by a wearable device is treated in accordance with regulations.