Data theft and compromise in healthcare are on the rise, and the mobile landscape is further complicating security. A new 2012 HIMSS Analytics Report: Security of Patient Data reassesses the state of patient data security in the wake of recent technological developments.
The 2012 HIMSS report has found that the rapidly rising use of devices not tethered to a workstation brings an increased risk of data loss and/or compromise that many organizations are not properly prepared to address. For example, the use of electronic health records (EHR) makes patient data more mobile and accessible. It may also introduce third parties who are entrusted with patient data, extending patient data security beyond hospital walls.
According to the report, 27% of respondents indicated that their organization had experienced at least one security breach that required notification in the past 12 months. This was up from 19% in 2010 and 13% in 2008. The main sources of security breaches in 2012 were:
56% unauthorized access by employee
34% unauthorized access to paper records
22% laptop/handheld device
10% data housed by a third-party vendor
9% improper destruction of paper records
3% network breach by outsider
2% data accessed from second-hand computer
As the use of mobile devices becomes more common in exam rooms and administrative areas, so do the risks of security breaches due to employee negligence and outdated organizational policies. The report stresses that as healthcare moves toward more digital frontiers with an aggressive transition to EHR and mobile-based devices, privacy and security no longer should be treated as separate issues.
Physician’s Weekly wants to know…do you feel that patient data is more vulnerable with the increased use of mobile devices? Do you feel practices and hospitals are prepared for these risks?