As personal health information moves out of the filing cabinets and into cyberspace, the need to secure that data presents a whole new set of challenges. For this reason, HIMSS Analytics partnered with Kroll Fraud Solutions to conduct a bi-annual survey to evaluate the status of patient data security in the United States. According to the recently published 2010 HIMSS Analytics Report: Security of Patient Data, there are still significant gaps in the security of patient data.
The study found that providers are taking a reactive, rather than proactive approach to data security breaches, and seem to be more focused on what do to if a breach occurs, rather than what they can do to prevent one. The number of data breaches reported actually increased, from 13 percent in 2008 to 19 percent in 2010. Despite this increase in the number of breaches, the report states, “most healthcare facilities continue to believe that if they are more prepared, then they are more secure.”
According to the report, the study also found that providers are not fully aware of the financial costs associated with a breach of patient data, with most respondents citing patient satisfaction as the primary impact.
Another concern is that health care organizations continue to address patient data security in a “siloed” fashion, rather than taking a holistic approach “that covers all data (cyber and offline) across the entire organization’s continuum of care (including third party vendors).”
The report concludes that health care organizations must nurture a proactive, holistic approach to patient data security that extends to suppliers, vendors and payors.