We’ve been writing about healthcare data breaches since the first months of our blog, and the problem has yet to improve. A Ponemon Health press release this afternoon showed a 32% increase in health industry data breaches since 2010. Some analysts continue to blame controversial electronic health record legislation, but just as we reported back in August, most of this year’s data insecurities have been related to sloppy security practices and employee error. Here are the raw statistics from Ponemon’s release:
- 41% of surveyed health care organizations attributed their breaches to “sloppy employee mistakes.”
- 80% of organizations carry sensitive information on mobile devices, including laptops, mobile phones, external hard drives, or other technology, and…
- 49% of the breaches were caused by lost or stolen mobile devices, and even worse…
- Around 50% “said theirorganization does nothing to protect the information contained on mobiledevices.”
- 55% of health care organizations claim to have no confidence in their ability to detect a privacy breach.
All of the evidence points directly to mobile devices, and thus, EHR’s. And it is hard to argue with the logic that electronic records can’t get stolen if they don’t exist, but there is an inherent flaw in that thinking.
A popular Ukrainian song contains a similar sentiment, “If you don’t have a house, house fires won’t scare you…Think on your own, decide on your own, to have or not to have.” Of course there is a risk of EHR theft, but that is no reason to dismiss a largely beneficial system. Not to mention the fact that printed documents are just as easily lost as cell phones are.
Next week, we’ll look at some ways to improve data security while still embracing the positive aspects of health care technology.
-------------------------------------------------------------------------------------------
Pam Argeris is a thought leader in the Healthcare Industry and possesses extensive, hands-on experience with CMS compliance, and multiple regulatory bodies such as NCQA, JACHO, and DOI. In her role at Merrill Corp., Pam focuses on developing solutions for compliance and quality assurance, delivered in a cost effective manner to improve beneficiary and prospect communications. You can contact Pam at Pamela.Argeris@merrillcorp.com.
No comments:
Post a Comment