Healthcare providers fear unseen enemies will compromise the safety of patients’ protected health information, but their biggest worry is something they can’t operate without: their employees.
More than three-quarters of respondents to a Scrypt, Inc. survey of 769 providers count human error as the biggest cause of healthcare data breaches, with hacking or data theft the only other threat that topped 50%. Stolen hardware and vendor error were cited as major areas of concern for 21% and 20% of respondents, respectively.
Nearly 70% of providers remain confident in their organization’s ability to remain HIPAA-compliant, despite the recent run of well-publicized data breaches. Only 10% responded that their HIPAA policies “definitely” changed in the wake of those breaches.
More than 80% of surveyed providers stated they use HIPAA-compliant software to avoid healthcare data breaches and corresponding fines. Nearly as many (77%) said they train staff members to keep in compliance with HIPAA. Less than half (42%) perform audits on users. Meetings with other employees is the most common way healthcare professionals stay up to date with HIPAA regulations and 73% said those meetings are used in conjunction with other HIPAA education methods.
The survey also polled providers for their opinions about if they expect the ONC to achieve its 10-year plan for nationwide healthcare interoperability. The results weren’t favorable for ONC, unless they use the results as motivation. More providers said they are “not at all confident” ONC will realize its interoperability vision in the next decade, compared to 17% that are “very confident.” Nearly half (46%) of respondents fell somewhere in the middle and offered they are “somewhat confident.”
ONC detailed its interoperability goals in a strategy document released earlier this year. By 2024, ONC hopes interoperable systems and products will give providers, patients and researchers and greater access to health information and let them play parts in improving patient care and lowering costs. Individual patients would be able to view their electronic health information and discuss it with a provider before proceeding with treatment, under the ONC’s plan.