Greg Young may assume many identities, but his main goal is to protect yours
Until now, I have only known Greg Young in his capacity as a local thespian, and was wowed by his terrific performance as Otto Frank in the Mammoth Lakes Repertory Theatre production of “The Diary of Anne Frank.”
But most folks, especially those who work at Mammoth Hospital, know Young in a different capacity, that of Information Security Officer.
Young has achieved some national notoriety for expertise in his field based upon recent cases in Maryland and Massachusetts which have cost hospitals millions of dollars in fines.
The hospitals in question were fined due to security breaches regarding medical records.
Young, who was prominently featured in the story that appeared at www.healthleadersmedia.com, said he initially just commented on the cases on a listserv of fellow professionals.
His comments were seen by HCPro, a company which “provides information to the healthcare compliance, regulation and management industry.”
An HCPro senior editor then wrote the story for HealthLeaders Media.
Then, OCR (Office For Civil Rights), which is encompassed within the U.S. Dept. of Health and Human Services and is responsible for enforcement of HIPAA (Health Insurance Portability and Accountability Act), contacted Young about interviewing him for an educational series it is producing.
That interview is scheduled for next week.
What makes Young a compelling interview subject is his breadth of experience in his field.
He is not only a retired police officer and detective (he might still be in law enforcement today if not for an injury sustained chasing a suspect over a fence), but also has worked as a security specialist in the aerospace industry.
He was also an early convert to the internet and was actually the first person to offer internet service in the Eastern Sierra, founding qnet in 1995.
He acknowledges that his background is atypical for his position, noting that most information security officers at other hospitals are recruited from the medical records department.
So how is Mammoth Hospital doing when it comes to protecting patient privacy? Young said that out of 50,000 patients last year, there were 11 “disclosures.”
But he adds that when one factors in how many people might handle a medical file during a visit (he estimated ten, when you factor in nurses, physicians, billers, auditors, etc.), that’s a half-million opportunities for error.
“A big part of what I do is to educate [hospital] staff. My role is similar to that of a Fire Department. The goal is prevention.”