Protecting patients and staff from workplace violence, theft, and other risks is a top priority in today’s healthcare environment. Surveillance cameras are one of the most effective tools for achieving this goal – but how do you know which type to use? This blog post will explore the risks associated with surveillance cameras in healthcare facilities and best practices for implementing them effectively!
Many customers ask questions about best practices of surveillance cameras and HIPPA expectations in the healthcare industry because patients are considered “PHI – Protected Health Information” and subject to HIPAA regulations. Nearby surveillance should protect the identities of innocent bystanders while still providing security for those in need.
Installing surveillance camera systems in medical facilities can help prevent and deter theft and violent behavior. Hospitals, doctors’ offices, dentists, pharmacies—all are allowed to install cameras for most areas of the facility except those with obvious privacy issues such as bathrooms or computers. This means you could find them at entrances, exits, fire escape points, elevators, closets–even corridors! But what about waiting rooms? Yes, these have been subject to security breaches before, and cameras are allowed in waiting rooms.
HIPAA safety rules require administrative, physical, and technical safeguards to protect patient privacy and security. Password protection is a basic security precaution required by HIPAA compliance programs for maximum protection of your information. Also, like every other type of electronic data, the files must be encrypted at rest, meaning even when it is not in use, it must be encrypted. Check with your camera system provider to make sure proper encryption is in place.
If you’re concerned about camera location, remember that surveillance cameras cannot capture images of anyone who is changing clothes, injecting themselves, or other activities that compromise privacy. Surveillance footage should only be used for security purposes, and any recording can occur in public areas. To avoid privacy breaches from recordings on the premises, make sure there’s an adequate distance between monitoring devices and patient rooms at all times.
HIPAA violations can occur when health facilities place surveillance cameras in positions that capture private patient data displayed on computer screens. You should install cameras and avoid capturing computer screens within their field of view. The camera used to monitor patients must be accessible only by appropriate clinical staff members, not employees walking past or nearby during monitoring times because they have access to every room.
The primary areas of risk when installing the cameras are:
Installing the cameras in the wrong place
Failure to configure and implement proper controls, policies, and procedures in compliance with regulation
Failure to provide appropriate guidance and awareness training to employees who might be in charge of the footages
The number of surveillance systems in the marketplace varies from consumer–level systems such as Amazon Ring Doorbell to commercial graded systems such as ADT Systems. Whichever system you might choose must provide end-to-end encryption. For those using Amazon Ring, they have rolled out end-to-end encryption only this last January/2021. You can visit Ring’s support page to determine if your device supports end-to-end encryption and how to configure it.
To summarize: a hospital, doctor’s office, dental practice, or pharmacy may install CCTV equipment anywhere except bathrooms or computer screens as long as it doesn’t violate HIPAA safety rules. Remember to use password protection and ensure the data is encrypted even when stored at rest. And never film patients while they change their clothing, operating rooms undergoing a procedure, or administering any drugs or medicine!