Want to know what's happening next in healthcare?

MedCityNews is the leading online news source for the business of innovation in healthcare.


“I read MedCity because it captures the pulse of what's going on in healthcare innovation, a go to source. I also like how MedCity supports women in digital health.”

Dr. Charlene Ngamwajasat, @doctorcharlene, Physician and techie


Sign up for our daily newsletter


Topic: Health Data

Published in partnership with the Health Data Consortium. The Health Data Consortium is a collaboration among government, non-profit, and private sector organizations working to foster the availability and use of health data to drive innovations that improve health and health care.

Survey: Half of healthcare orgs aren’t sure they can detect all patient data privacy & security breaches

March 19, 2013 10:25 am by | 0 Comments

Computer-Data-Privacy-and-Secu-940581

As the use of mobile devices, file-sharing software and cloud services has been on the rise among healthcare providers, data breaches have been rising steadily along with them. A hefty 94 percent of healthcare organizations who participated in an annual survey said they had at least one data breach in the past two years.

What’s more startling is that 45 percent said they’d had more than five incidents, and half reported little or no confidence that their organization had the ability to detect all patient data loss or theft.

For its Third Annual Study on Patient Privacy & Data Security, published in December, the Ponemon Institute surveyed 324 administrative and clinical personnel at healthcare facilities – most of them hospitals or clinics that are part of a network or integrated delivery systems. Those personnel reported that the most commonly breached data are medical files and billing and insurance records, lost or stolen most often from a desktop, laptop or smartphone.

Advertisement

Interestingly, although the number of data breaches has gone up, those surveyed reported increasing confidence that patient billing information and medical records would not be susceptible to loss or theft. In contrast, many more felt that employee records were the most susceptible data.

While many new technology applications pose the advantage of greater efficiency and convenience to healthcare providers, they also open the door for the unsecure transmission of data that may be behind some of these breaches. For example, eight of 10 organizations surveyed allow personnel to bring their own devices and use them to connect to the organization’s network. More than 60 percent of the organizations surveyed also reported moderate or heave cloud usage, although almost 50 percent said they weren’t confident that the cloud was secure.

While most organizations reported compliance with periodic HIPAA privacy and security awareness training for staff, they still reported that the second-most-common cause of lost or stolen data was an employee mistake, following a lost or stolen computing device.

The graphic below, put together by BackgroundCheck.org, highlights some of the other interesting points from this survey.

94% of Healthcare Organizations Breached

[Computer privacy photo from BigStock Photos]

Copyright 2014 MedCity News. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Deanna Pogorelc

By Deanna Pogorelc MedCity News

Deanna Pogorelc is a Cleveland-based reporter who writes obsessively about life science startups across the country, looking to technology transfer offices, startup incubators and investment funds to see what’s next in healthcare. She has a bachelor’s degree in journalism from Ball State University and previously covered business and education for a northeast Indiana newspaper.
More posts by Author

0 comments

Health Data Consortium

Published in partnership with the Health Data Consortium. The Health Data Consortium is a collaboration among government, non-profit, and private sector organizations working to foster the availability and use of health data to drive innovations that improve health and health care. More information on the Health Data Consortium can be found at HealthDataConsortium.org.


Latest From HDC Blog

#HealthData


Recommended Links

Health Data Consortium

Website | LinkedIn | Twitter

HealthData.gov

Website | Facebook | Twitter

Health Data Initiative Forum

Website


Profiles

Todd Park

United States Chief Technology Officer

Todd Park is the United States Chief Technology Officer and in this role serves as an Assistant to the President. Todd joined the Administration in August 2009 as Chief Technology Officer of the U.S. Department of Health and Human Services (HHS). In this role, he served as a change agent and “entrepreneur-in-residence,” helping HHS harness the power of data, technology, and innovation to improve the health of the nation.


Bryan Sivak

Chief Technology Officer, Department of Health and Human Services

Bryan Sivak joined HHS as the Chief Technology Officer in July 2011. In this role, he is responsible for helping HHS leadership harness the power of data, technology, and innovation to improve the health and welfare of the nation.


Steven Randazzo

Communications Lead for Innovations Team, Department of Health and Human Services

Steven works with the HHS's Chief Technology Officer to promote the formation and adoption of innovative processes and products in government. Steven is the manager of three open data and innovation blogs and his primary duties focus on external communication of the initiatives and priorities undertaken by HHS and outlined in the Open Government Plan.


Jim Cashel

Chairman of Forum One Communications

Forum One Communications is a digital communications firm which works at the nexus of technology, public policy, and online community. With offices in Washington DC, Seattle and San Francisco, Forum One has completed 1000 projects for 300 clients, including foundations, nonprofit organizations, government agencies and commercial groups. Prior to Forum One Jim co-founded the Eurasia Foundation, a Washington, D.C.-based grant-making organization.