HIPAA Security and Patient Data
High-profile data breaches continue to push healthcare toward an increased focus on security. Experts predict that within five years there will be nearly 50 billion smart connected devices in the world. All will have the ability to collect, analyze and share data. In a study published in the Journal of Medical Internet Research, “75 percent of adults will use a Personal Health Record by 2020, exceeding the adoption targets initiated with Meaningful Use Stages 2 and 3”. Our challenge becomes the ability to protect these large stores of data (ePHI). Add to this the interoperability and interconnectivity of multiple EHRs, PHRs and HIE systems, and our ability to secure patient information becomes even more complex.
According to Zack Whittaker, security editor at ZDNet, “A hacker who claims to have obtained more than ten million health records is selling the data to the highest bidder on the dark web. A non-technically-proficient cyber thief criminal can purchase tools to exploit a vulnerable healthcare organization, through the use of a little free technical support, extracting 1,000 patient records that could net him about over 15k”.
Fogo Data Centers CEO Bill Esslinger, formerly Vice President, General Counsel, Secretary & Chief Privacy Officer at Greenway Health, says “the more extensive our healthcare systems become the more time and effort that is required to provide optimal protection”. CIOs take the lead in developing a strategy that’s inclusive of all digital initiatives, yet with transformation comes digital overload. “The average global cost of a data breach per every lost or stolen record is $158. Healthcare organizations, however, incur an average cost of $355 per record”, according to the new survey conducted by Ponemon.
Most healthcare organizations are not adequately prepared to protect sensitive data from data breaches, since most of their IT investment is spent on patient care and not data security. Understanding the risks and responsibilities associated with managing ePHI is the first step in protecting patient information. Put safety and compliance first in designing your strategy. Seek partners who understand HIPAA compliance and data security and share your organization's best-practice guidelines.
Data breaches, malware and ransomware attacks are not only increasing, they are becoming more sophisticated. #KnowYourCloud is not merely a hashtag at Fogo Data Centers. As we accelerate the shift to a higher-performing healthcare delivery system, it is important to understand the challenges of managing, storing and protecting patient data.