According to the Aberdeen study, “less than half of healthcare organizations have assigned primary responsibility for assurance of compliance with data privacy and security requirements in a way that’s most likely to be effective.” One issue may be that healthcare organizations tend to appoint leaders who focus on specific compliance initiatives with responsibilities fragmented across multiple groups.
The Aberdeen report also ranked net maturity levels across six key elements of the data lifecycle, ranking healthcare organizations’ capabilities related to their ability to perform the following data functions: integrate, ingest, manage, store, protect, and syndicate. A score of 50 percent or more indicated a high level of maturity in current capabilities related to these elements, and scores below 50 percent denoted low maturity.
Ad Statistics
Times Displayed: 56084
Times Visited: 1638 Ampronix, a Top Master Distributor for Sony Medical, provides Sales, Service & Exchanges for Sony Surgical Displays, Printers, & More. Rely on Us for Expert Support Tailored to Your Needs. Email info@ampronix.com or Call 949-273-8000 for Premier Pricing.
Healthcare organizations surveyed scored highest on storing, managing and protecting data, but managing was the only element that scored above 50 percent. Data integration was scored at less than 4 percent, and processes around ingesting and syndicating data were also assessed to be immature. The scores suggest that healthcare organizations have a lot of work to do to bring capabilities up to speed.
Despite investing heavily in data security and privacy initiatives, more than 80 percent of healthcare organizations surveyed reported that they’d experienced at least one data privacy and security noncompliance issue over the past 12 months. Noncompliance issues took the form of audit deficiencies or similar findings that required remediation.
Two-thirds of surveyed healthcare organizations reported that they had experienced a data breach during the past year – a “confirmed incident of unauthorized access” to data that is “subject to compliance requirements.” They’re not alone. According to HIPAA Journal, “healthcare data breaches are now being reported at a rate of more than one per day.”
Data breaches at healthcare organizations damage patient trust and can have devastating consequences from an operational standpoint. As new sources of data come online, including wearables that monitor patients’ health remotely and AI-enabled medical devices, the challenges will multiply. The current state of data security and privacy doesn’t bode well for its future state.
The Aberdeen report offers a prescription for healthcare leaders who are struggling with compliance issues: “Given the complexity, costs, and consequences, the current state of privacy and security compliance for enterprise data in healthcare makes a compelling case for using third-party solution providers for integrating and managing … data and data-related processes.”
