Popular search tools, such as Google Desktop, are very handy, but they can also place your information, your patients' information, and the hospital's information at great risk.
Recently, Google upgraded its Google Desktop software to include a new "Search Across Computers" feature, which allows you to search your computers remotely. In order for this feature to work, Google copies your files and stores them on its own computers. These files can include your Web history, email, chat logs, Word documents, spreadsheets, PowerPoint presentations, PDF and text files.
When your information is stored on a third party's computer, you cannot be sure that it is protected and kept private, and if patient information is involved, the hospital may be in violation of HIPAA. Your computer contains a great deal of sensitive information, including personal conversations, internal hospital memorandums, possibly patient information, proprietary data and research. Google may choose to use this data for marketing purposes, or sell it to other people. Imagine if drug companies used patient information, purchased from Google, to send advertising to patients' families. Furthermore, there is no way to guarantee that a third party, such as Google, properly secures its systems, which can leave your information vulnerable to malicious hackers.
Even Web-based search engines, like Google, Yahoo and others, track more information than you might expect, including your computer's address and browser type. The Web sites also install "cookies" on your computer, so that they can recognize you and keep track of your behavior. Search engines keep track of the searches you enter and can correlate based on date, time, address, etc. Be careful what information you search for—it can reveal a lot about the patients you see and the projects you work on—and never enter personal information or EPHI into a search engine.
In searching, as in life, nothing is ever really free. When you get information, you give information up as well. Always be mindful of where you are sending your data, and be cautious about trusting third parties to protect your information or the hospital's information.
For more computer security tips and articles, check out the E-Help security Web site: