HIPAA breaches up 32%, half from missing devices
HIPAA breaches up 32%, half from missing devices
Data breaches in healthcare organizations are on the rise, according to the Second Annual Benchmark Study on Patient Privacy & Data Security released recently by The Ponemon Institute in Traverse City, MI.
The frequency of data among the healthcare organizations in the study increased 32% from the previous year. In fact, 96% of all healthcare providers in the study say they have had at least one data breach in the last two years. Most of these were due to employee mistakes and sloppiness; 49% of respondents in the study cite lost or stolen computing devices, and 41% note unintentional employee action.
Another disturbing cause is third-party error, including business associates, according to 46% of participants. The full study is available at no charge at http://tinyurl.com/87fkkzx.
To reduce the risk of a data breach, Ponemon recommends that healthcare personnel who handle sensitive and confidential patient information should be trained and aware of the policies and procedures governing the protection of this information. "Billing records and medical files are considered by respondents to be the most frequently lost or stolen patient information," the report states. "However, the perception is that not all personnel who are responsible for these documents understand the importance of protecting them."
Sixty percent of respondents agree that medical billing personnel in their organizations do not understand the importance of patient data protection, and 58% say IT personnel do not understand its importance. In contrast, 58% of respondents say administrative personnel do understand the importance of protecting patient data. (See the story below for more results of the study.)
Widespread use of mobile devices also is putting patient data at risk, the report suggests. Eighty-one percent of healthcare organizations in the study report that they use mobile devices to collect, store, and/or transmit some form of protected health information (PHI). However, 49% of participants admit their organizations do nothing to protect these devices.
"Despite policies and federal mandates, prevention of unauthorized access to patient information is not a priority in many organizations in this study," the report says. "Forty-seven percent of respondents agree that their organization has sufficient policies that effectively prevent or quickly detect unauthorized patient data access, loss, or theft. This is an increase from 41% of respondents last year."
Data breaches in healthcare organizations are on the rise, according to the Second Annual Benchmark Study on Patient Privacy & Data Security released recently by The Ponemon Institute in Traverse City, MI.Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.