The following is a guest article by Bill Young, Director of Healthcare & Life Sciences at SYSTRAN
Keeping patient data confidential and secure remains a major healthcare challenge today, more than 25 years after the introduction of the 1996 Health Insurance Portability & Accountability Act or HIPAA.
HIPAA is regulatory guidance to ensure Patient Health Information (PHI) is protected in specific entities, mainly healthcare facilities, and healthcare admin support institutions, for the transfer and flow of health information.
How has the HIPPA management challenge increased? To review, in 2021, the US Department of Health and Human Services (HHS) found that every 10 seconds, 14 US citizens’ PHI is compromised either through data hacking or unauthorized disclosure through healthcare providers and support institution networks.
That is close to 45 million US citizens each year. It’s a big and expensive problem for nearly every healthcare organization.
Now according to the HIPAA journal, penalties and actions have increased overall recently, largely due to OCR’s HIPAA Right of Access enforcement initiative, which was launched in late 2019. Since then, OCR has been cracking down on entities that have failed to provide individuals with timely access to their medical records and has increased enforcement efforts overall.
But if there’s one area that few HIPAA security officers consider a high-risk failure point when it comes to data breaches, it’s in situations where language barriers occur. In fact, it’s the seemingly benign appearance of these situations that makes them so dangerous.
In fact, one of the most common breach risks occurs in the translation process. Because many healthcare providers do not already have a translation system in place, a full 80% of employees typically do not follow risk avoidance policies when translating patient data. The key culprit in this is the use of free online translation platforms because those platform providers do not adhere to HIPAA protocols and regulations.
Ensuring that non-English patients understand their healthcare providers is the law in the United States, mandated by Section 1557 of the Affordable Care Act, which is a federal civil rights law that broadly prohibits discrimination, which includes foreign-speaking patients.
Europe, unsurprisingly, offers similar protections in the form of EU MDR Articles 10 & 32.
Adhering to these protocols might seem simple, but because real-time communication and collaboration are so central to efficient healthcare provision, and because language barriers are not often encountered, the task of securing patient data is often missed, and HIPAA is breached.
How are these policies being breached when sensitive patient data is communicated? Simply put, these breaches occur either through the use of outsourced translation services or through one of the healthcare industry’s biggest HIPAA challenges: the use of unsecured, free cloud-based language translation platforms.
Adopting a secure machine translation system, then, is the best way to avoid these potentially dangerous and expensive situations.
Machine Translation (MT) has been around for almost 75 years. Its reputation for speed has been and remains very strong. In fact, today’s MT can take what might look like a 36-hour translation problem and solve it in 5-10 minutes.
With Artificial Intelligence frameworks built into machine translation systems, quality issues can be addressed immediately and permanently. Natural language processing tasks that were once beyond the scope of MT systems are now built-in.
Contextual factors are now also far easier to address thanks to developments like Neural Fuzzy Matching, which takes context matching to levels that would have seemed unreasonable to expect even 10 years ago.
Today’s MT systems offer the highest quality ever, sure, but the real advantages come from the AI structures in the system. Not only do these systems learn with every correction, ensuring that repetitive errors do not occur, but they also offer a major benefit: the ability to train their translation engines using previous data.
This means that a healthcare provider that has, say, 30 years of translation data, all adhering to its protocols, language style, and branding, becomes a huge asset that can be exploited to ensure the ultimate in personalized translation quality.
Why is this actually revolutionary quality development so important? Because the risk of data breaches inherent with free online translation portals may be serious, but so is the risk of bad translation that leads to improper care.
Securing patient data is a task that will continue to be an issue for years to come for healthcare providers. As America’s population of Limited English Proficiency (LEP) citizens continues to grow, language translation will remain a key issue for healthcare organizations looking to not only protect patient data but also avoid the dollar and reputational cost of enforcement actions.
Confronting the trojan horse of insecure language translation isn’t an expensive process – but ignoring it offers the guarantee that someday soon, it will be.
About Bill Young
Bill Young is the Enterprise Business Director for Government, Healthcare, and Life Science clients at SYSTRAN Software. Bill’s clients include many of the largest US and Canadian Government, Healthcare, and major Life Science and Pharmaceutical companies. Bill has been an expert panelist for a variety of webinars and conference presentations in his career and has a Bachelors of Science in Business Administration from UC Berkeley and a Masters in Business Administration from George Washington University. He is a former US Marine with an extensive 20-year background in the Life Science industry as a surgical consultant for surgical microscopy and neurosurgery advanced imaging.
