Study: Breaches of data up 32%
HIPAA Regulatory Alert
Study: Breaches of data up 32%
Sloppy mistakes, unsecured devices cited
The second annual benchmark study by Ponemon Institute in Traverse City, MI, sponsored by ID Experts, finds that the frequency of data breaches in healthcare organizations surveyed has increased by 32%.
Employee negligence is the primary culprit. According to 41% of healthcare organizations surveyed, data breaches involving protected health information (PHI) are caused by sloppy employee mistakes. Half of respondents do nothing to protect mobile devices that are in use in 80% of healthcare organizations.
Based on the experience of the healthcare organizations surveyed, data breaches could be costing the U.S. healthcare industry an estimated $4.2 billion to $8.1 billion annually.
Key findings of the research:
Data breaches at hospitals and healthcare providers are rising, due to employee mistakes.
Compromised patient records in benchmarked organizations increased an average of 46%.
Fifty-five percent of healthcare organizations say they have little or no confidence they are able to detect all privacy incidents.
Sixty-one percent of organizations are not confident they know where their patient data is physically located.
Third-party mistakes, including business associates, account for 46% of data breaches reported in the study.
According to 49% of respondents, lost or stolen computing or data devices are the reason for healthcare data breach incidents.
Widespread use of unsecured mobile devices is at the core of hospital data breaches.
More than 80% of healthcare organizations use mobile devices that collect, store, and/or transmit some form of PHI.
Fifty percent of all respondents do nothing to protect these devices.
Federal regulations and policies are not reducing data breaches.
Twenty-two percent of organizations say their budgets are sufficient to minimize data breaches.
Eighty-three percent of hospitals have clearly written policies and procedures to notify authorities of a data breach, but 57% don't believe their policies are effective.
The research indicates that the closer the personnel are to the data, such as billing and information technology, the higher the probability of not following policies and procedures.
Forty-two percent of respondents say administrative personnel in their organizations do not understand the importance of protecting patient data.
More healthcare providers say data breaches are leading to medical identity theft.
Twenty-nine percent of respondents say their data breaches led to cases of medical identity theft.
The number of cases of medical identity theft represents a 26% increase compared to 2010.
Ninety percent of organizations say data breaches cause harm to patients, yet only 25% offer basic monitoring services following a breach.
Thirty-five percent of healthcare breaches are discovered by a patient complaint.
Data breaches are likely to increase, given lack of resources.
Seventy-three percent of respondents reported lacking sufficient resources to prevent or detect unauthorized patient data access, loss, or theft.
Fifty-three percent of organizations cite lack of budget as their biggest weakness in preventing data breaches.
Sixty-nine percent of organizations say that they have little or no confidence in business associates ability to secure patient data.
For a free copy of the 2011 Benchmark Study on Patient Privacy and Data Security, go to http: www2.idexpertscorp.com/ponemon-study-2011.
Based on the experience of the healthcare organizations surveyed, data breaches could be costing the U.S. healthcare industry an estimated $4.2 billion to $8.1 billion annually.
The second annual benchmark study by Ponemon Institute in Traverse City, MI, sponsored by ID Experts, finds that the frequency of data breaches in healthcare organizations surveyed has increased by 32%.Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.