One has to look no further than how much the healthcare system is spending to protect themselves from data breaches to understand the magnitude of how important protecting against threats is becoming – $7 billion annually.
Electronic health records (EHRs) have many advantages to the archaic ways of storing and accessing patient information, but EHRs also come with some expense. A recent study by the Ponemon Institute indicates that despite the amount of money being spent on breach prevention, it’s actually quite low on the list of priorities of many healthcare facilities.
When the HITECH (Health Information Technology for Economic and Clinical Health) Act was passed in 2009, privacy and security protections became more of an issue and a responsibility for healthcare facilities. In order stay compliant with HIPAA, the facilities had to beef up their safeguards to fit HITECH standards. Part of this standard includes notifying patients when their data has been compromised/accessed by non-authorized sources.
Research at that time showed that the healthcare industry was having difficulty protecting patient data, which put them at risk for identity theft and medical identity fraud. The result was that hospitals were incurring millions of dollars in fines for breaches.
As of Ponemon’s latest benchmark study released in 2012, healthcare organizations were still facing an uphill battle in protecting patient information. According to the information gathered in the survey, healthcare facilities were struggling with training personnel and accessing the right technology to meet guidelines set to protect patient data. These facilities also struggle with funding.
As the threats to data security become more advanced in their methods, the healthcare industry, which is focused on patient care, is left vulnerable. Meanwhile, each time a breach occurs, the facilities have to pick up the tab, which can range from $10,000 to $1 million. The average facility doles out $2.4 million every two years, which increases by about $100,000 every year.
Nearly 95 percent of healthcare organizations have had at least one security breach in the last two years. Nearly half said they have had more than five breaches per year. That percentage has skyrocketed since 2010 when only 30 percent reported five or more breaches.
Electronic health records are most often at risk due to insider negligence. Most often, it’s lost or stolen computing devices that lead to the breach. The number of breaches from criminal attacks is taking an alarming upswing – about 20 percent of breaches were due to criminal attacks in 2010. The number jumped to 33 percent by 2012.
Surprisingly, more than half of the medical professionals surveyed said they don’t believe there is anything their organization can do to protect from attack. While 81 percent of them are using their mobile devices freely on the hospital’s network, around half of them said they are not confident that their online activities were secure.
When it comes to protecting patient data related to medical imaging, hospital administrators need to look no further than to OffSite Image Management, Inc., which offers vendor neutral archiving services that are completely secure. OffSite knows that the stability and security of its services are what clients count on when they team with them.