Over 150 California Auctions End Tomorrow 05/31 - Bid Now

Insider threats to medical data worry hospitals

by Loren Bonner, DOTmed News Online Editor | March 03, 2014
While digitizing medical records is a good first step to reducing inefficiencies in the health care system, it comes at a price: data breaches.

According to survey results from HIMSS, almost 20 percent of respondents reported a security breach in the past year, and 12 percent of organizations have had at least one known case of medical identity theft reported by a patient.

This is in spite of amped-up security technologies and analytics as well as federal initiatives such as OCR audits, Meaningful Use and the HIPAA Omnibus Rule.

HIMSS teamed up with Medical Group Management Association and Experian Data Breach Resolution on the survey and analyzed the profiles and data security experiences of 283 information technology and security professionals employed by U.S. hospitals and physician practices.

According to the survey, the greatest perceived "threat motivator" is that of health care workers potentially snooping into the electronic health information of friends, neighbors, spouses or co-workers — something that can put them at risk for a security breach. Although most facilities have increased security — there are even specific technologies available, related to employee access to patient data — almost half of surveyed facilities are still spending 3 percent or less of their overall IT budgets on initiatives that will secure patient data.

"Though progress is noticeable, it is critical that health care organizations put in place a comprehensive plan that addresses potential security threats — whether internal or external — to prevent electronic health data breaches and minimize the impact of a breach, should one occur," said Michael Bruemmer, vice president for Experian Data Breach Resolution.

You Must Be Logged In To Post A Comment