• DVM360_Conference_Charlotte,NC_banner
  • ACVCACVC
  • DVM 360
  • Fetch DVM 360Fetch DVM 360
DVM 360
dvm360 | Veterinary News, Veterinarian Insights, Medicine, Pet Care
dvm360 | Veterinary News, Veterinarian Insights, Medicine, Pet Care
By Role
AssociatesOwnersPractice ManagerStudentsTechnicians
Subscriptions
dvm360 Newsletterdvm360 Magazine
News
All News
Association
Breaking News
Conference Coverage
Education
Equine
FDA
Law & Ethics
Market Trends
Medical
Politics
Products
Recalls
Regulatory
Digital Media
dvm360 LIVE!™
Expert Interviews
The Vet Blast Podcast
Medical World News
Pet Connections
The Dilemma Live
Vet Perspectives™
Weekly Newscast
dvm360 Insights™
Publications
All Publications
dvm360
Firstline
Supplements
Vetted
Clinical
All Clinical
Anesthesia
Animal Welfare
Behavior
Cardiology
CBD in Pets
Dentistry
Dermatology
Diabetes
Emergency & Critical Care
Endocrinology
Equine Medicine
Exotic Animal Medicine
Feline Medicine
Gastroenterology
Imaging
Infectious Diseases
Integrative Medicine
Nutrition
Oncology
Ophthalmology
Orthopedics
Pain Management
Parasitology
Pharmacy
Surgery
Toxicology
Urology & Nephrology
Virtual Care
Business
All Business
Business & Personal Finance
Hospital Design
Personnel Management
Practice Finances
Practice Operations
Wellbeing & Lifestyle
Continuing Education
Conferences
Conference Listing
Conference Proceedings
Resources
CBD in Pets
CE Requirements by State
Contests
Veterinary Heroes
Partners
Spotlight Series
Team Meeting in a Box
Toolkit
Top Recommended Veterinary Products
Vet to Vet
  • Contact Us
  • Fetch DVM360 Conference
  • Terms and Conditions
  • Privacy
  • Do Not Sell My Information
  • About Us

© 2023 MJH Life Sciences and dvm360 | Veterinary News, Veterinarian Insights, Medicine, Pet Care. All rights reserved.

Advertisement
By Role
  • Associates
  • Owners
  • Practice Manager
  • Students
  • Technicians
Subscriptions
  • dvm360 Newsletter
  • dvm360 Magazine
  • Contact Us
  • Fetch DVM360 Conference
  • Terms and Conditions
  • Privacy
  • Do Not Sell My Information
  • About Us
  • MJHLS Brand Logo

© 2023 MJH Life Sciences™ and dvm360 | Veterinary News, Veterinarian Insights, Medicine, Pet Care. All rights reserved.

Is your private practice really private?

May 1, 2007
James Iafe, VMD

It's simply good business practice that will reduce or eliminate costly incidents.

Legislation aimed at curbing the national epidemic of identity theft requires all businesses that collect personal information about customers and employees – including names, credit-card numbers, birth dates, home addresses and Social Security numbers – to take reasonable steps to safeguard that data.

Laws that require some form of information security and privacy education include the Fair and Accurate Credit Transactions Act (FACTA), the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and the Gramm, Leach, Bliley Safeguard Rule (GLB).

Veterinary practice owners not in compliance with these regulations may be exposing themselves to significant fines, legal liability, reputation risk and, in some cases, jail time.

According to Betsy Broder of the Federal Trade Commission (FTC) in Stolen Lives (ABA Journal, March 2006), businesses need to have a plan in writing describing how customer data is to be secured and an officer on staff responsible for implementing the plan.

Many large firms, she says, entrust data security to a chief technical officer or chief privacy officer. While FTC officials understand that most small businesses cannot employ a full-time privacy specialist, small firms still must prove they have a security plan in place.

Advertisement

"We're not looking for a perfect system," Broder writes, "but we need to see that you've taken reasonable steps to protect your customers' information."

Veterinary practices that rely on staff members to keep personal data secure should implement a program of mandatory training on privacy issues, such as proper handling of check and credit-card transactions. Some staff members may need specialized training.

Being proactive might save time and money in the future.

Case in point: The national retailer PETCO Animal Supplies Inc. experienced a data attack in June 2003. The attackers were able to read clear-text credit-card numbers in the firm's database. The FTC required PETCO to establish, implement and maintain a comprehensive information-security program to guard customer data, then obtain an assessment from an independent third party that its program and training are reasonable, and to do this biennially for 20 years at company expense.

As a private practice owner, you collect confidential information on employees for tax and payroll purposes and sometimes for medical benefits.

How are you and your staff securing this information?

You cannot expect your staff to guard employee and customer data if you do not communicate with them on how to do so. The more staff members are aware of the need for privacy, the better they will handle sensitive information, reducing the likelihood of mistakes or actions that can put you and your business at risk.

Employee education should be ongoing, delivered in multiple ways and tailored to different groups within your organization but the reality is that many practices do not invest nearly enough time, effort, personnel or resources toward privacy issues. Some do not budget for it at all.

If you take the time to create an effective program and budget for it realistically, the investment will be small compared with the impact of incidents, penalties and judgments that could otherwise occur.

Benefits of establishing an effective privacy-education program include:

  • Reducing numbers of privacy and security incidents.

  • Making personnel aware of the risks involved in handling private information and having them work in a more secure manner.

  • Retaining clients who can see the practice is protecting their personal information.

  • Meeting legal and regulatory requirements for awareness and training.

The bottom line: An effective information-security program not only meets legal requirements – it's simply good business practice that will reduce or eliminate costly incidents and fraud.

The next two articles will outline specific information-security policies that you can use in your practice.

James Iafe, VMD, is a Certified Identity Theft Risk Management Specialist (CITRMS). He practices at North Boros Veterinary Hospital in the suburbs of Pittsburgh.

Related Content:

Law & Ethics
The biggest legal threat to veterinary professionals
The biggest legal threat to veterinary professionals
How to set yourself up with lawsuit protection
How to set yourself up with lawsuit protection
Bill addressing veterinary shortage in Arizona signed into law
Bill addressing veterinary shortage in Arizona signed into law

Advertisement

Latest News

3 Must-sees for Women's History Month

News wrap-up: This week’s headlines, plus Embrace announces its top Irish pet names

Oldest tortoise at Houston Zoo becomes father to 3 hatchlings

Veterinary tech students awarded national scholarship

View More Latest News
Advertisement