Technological innovations over the years has paved the way for physicians and healthcare professionals to adopt mobile technology in their healthcare practices. While this has brought in positive impacts on patient care, organizational efficiency and work flow, healthcare data breaches have unfortunately become a major issue faced by large number of healthcare providers.
Even as reports showcased that 42% of serious data breaches in 2014 were in the healthcare sector, the recent reports from Experian, the credit reporting company talks of 2015 bringing in more data breaches. Such vulnerability of the healthcare industry is seen as a result of increase in the number of access points to patient health information through the increase in use of electronic health records. The presence of patient’s social security number on the Medicare card is a sensitive data which increases the vulnerability potential. While the Definitive Healthcare Hospital database has tracked 251 data breaches across 7,506 hospitals, the Health IT Security showcases that nearly 68% of these healthcare data breaches are due to theft and loss of portable devices and few due to human errors.
Data breach risk on high with increase in Smart devices usage:
With the increase in the use of smart phones and new age high end devices for accessing digital information, it is expected that 2015 will bring in even more healthcare data breaches. Healthcare providers and medical establishments must therefore take proactive measures to protect their electronic health information from data breaches. Further, the reports indicate that only 23 percent of healthcare data breaches are caused by cyber criminals. However, based on Brigham and Women’s hospital physician’s case of robbery and forced disclosure to encrypted data, it is clear that encryption of data alone is not enough to protect EHR.
According to the Department of Health and Human Services’ HIPAA Security Rule, encryption is a process which uses “an algorithmic process to transform data into a form in which there is a low probability of assigning meaning without use of a confidential process or key, in such a way that data cannot be breached.” Nevertheless, in BWH case the key was indeed breached after the pass codes were given.
Thus the health care providers and their business associates need to deploy effective and mature security solutions that will not only be economical but will also ensure safeguarding the security of the EHR. The security, risk and compliance solutions such as Aegify is a one-stop integrated web based solution that will allow the healthcare professionals to ensure security and compliance through an effective and practical automated risk management, significantly reducing the impact of data breaches, by providing continuous security and risk feedback on addition of new assets and security practices with instant recommended remedial measures for quick implementation. Aegify helps you to remain continuously secure, risk-free and compliant.