This document discusses data security issues in healthcare. It notes that the number of electronic health record breaches increased significantly from 2012-2013, compromising the protected health information of over 7 million patients in 2013. Specific examples are provided of data breaches at the Alberta Children's Hospital, Community Health Systems, and NRAD Medical Associates that exposed patients' names, contact information, medical histories, and social security numbers. The document concludes by recommending measures healthcare organizations can take to minimize risks to patient privacy, such as implementing risk analyses, encrypting portable devices, and providing security training to employees.
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Addressing Data Security Issues in Healthcare
1. Addressing Data Security Issues in
Healthcare
In business organizations, data security issues are bad news. While affecting the
reputation and financial stability of the organization, data breach undermines
consumer confidence. In healthcare, the risk is limited not just to the concerned
hospital, business associate or provider, but affects the entire medical industry.
Breaches involving the personal information of patients are one of the major risks
that healthcare providers face today.
Electronic Health Records and Breach of Protected Health
Information (PHI)
The number of hospitals that have implemented Electronic Health Record (EHR)
systems has increased rapidly over the last few years. Though the system improves
efficiency, care delivery, and patient outcomes, it can be meaningful only if there are
proper mechanisms to ensure information security. According to a Redspin Breach
Report published in February 2014, the PHI of over 7 million patients was
compromised in 99 large breaches in 2013, as reported to the Department of Health
and Human Services’ Office of Civil Rights. The number of data breaches rose by as
much as 137 percent in 2012-2013.
Source: Redspin Annual Data Breach Report 2013
2. Healthcare Data Breaches that Made Headlines
According to a CTV Calgary report published on October 7, 2014, the personal health
information of 247 patients at Alberta Children's Hospital was accessed by an
unauthorized person – a former employee of the hospital. An audit showed that the
breach extended over a 14-month period. Data that may have been compromised
includes patient history, contact information, date of birth, names of relatives, and
emergency contact information.
In August, Chinese hackers stole 4.5 million medical records of Community Health
Systems patients including their Social Security numbers, putting their identities at
risk.
NRAD Medical Associates made news in July when it was reported that the personal
information of almost 97,000 patients in Long Island, NY were stolen from this
practice. Based in New York, NRAD is one of the area's largest radiology groups with
18 locations and thousands of patients. According to the report, one of its employee
radiologists accessed and acquired data relating to patient names, addresses, social
security numbers, diagnosis codes, and insurance information.
Consumers should be aware of the signs of a medical identity theft:
Obtaining a bill for medical services
from a doctor or hospital that the
patient has never used
Receiving bills in other people’s
names
Getting collection calls for payments
on medical accounts of other people
Obtaining a change of address
notification from the insurance
provider
Denial of medical insurance
Receiving notification from a hospital
or doctor that your private medical
information was compromised
3. Measures to Minimize Risk of PHI Security Issues
Healthcare organizations are prone to PHI security issues and given the dynamic
nature of technology, these are hard to avoid. However, industry experts say they
can be minimized by measures such as implementing periodic HIPAA risk analysis,
assessing new vulnerabilities that may have arisen, encryption of data on all portable
devices, and security awareness training for employees. Finally, healthcare providers
need to ensure that their outsourcing vendor for data entry, document scanning
or medical billing and coding handles PHI effectively.
Contact
Managed Outsource Solutions
8596 E. 101st Street, Suite H
Tulsa, OK 74133
Main: (800) 670 2809
Fax: (877) 835-5442
E-mail: info@managedoutsource.com