According to a recent Ponemon Institute survey, healthcare facilities have struggled to keep patient data secure.
Almost 95 percent of healthcare organizations said they have leaked data within the last two years. Most of these leaks are due to staff negligence, but some of the issues are tied up in the technology used to store patient data, including medical images. Hospital data loss is no laughing matter, but plenty of hospitals aren’t keeping close tabs on their patients’ data.
Of the 80 healthcare organizations that were surveyed by the Ponemon Institute, 75 percent said they don’t secure medical devices that contain patient information. While healthcare experts are busy finding new ways to cure the sick, not enough of them are invested in protecting the patient information.
According to the Ponemon study, there is an indication that people in the healthcare industry believe security issues should be left up to the vendor, not the healthcare professionals. The problem goes beyond patient information – security could be affected at the device level as well. For instance, insulin pumps and defibrillators that are implanted into patients are not secure against targeted attacks. Some will recall the threat that Americans feared when Vice President Dick Cheney received a pace maker, which could have been targeted remotely by terrorists.
Within the last year, a laptop containing the information of 100,000 patients at a facility in Waltham, MA was stolen; a facility in Houston reportedly lost a USB drive that had an undisclosed amount of information on patients; and a medical center in Virginia compromised the information of 2,000 patients when their records, stored on a USB drive, was misplaced. Hospital data loss certainly cost these organizations a lot.
Compromising patient information comes with a price tag, and it’s getting more expensive. Ponemon said the average cost per breached organization was $2.4 million over a two-year period. That’s up from $2.1 million in 2010.
The survey of 80 institutions also found that 2,769 records were lost on the average breach. Medical files, billing and insurance information was the most often lost data. Fifty-four percent of workers in healthcare facilities have no confidence that their organization can protect patient data and 80 percent of employees use their smartphones or tablets, which are connected to the facilities’ network; but only half of them know if their device is secure on that network.
Ponemon offered that their findings suggest healthcare facilities need to determine the cause of their breaches and address their vulnerabilities.
One organization that doesn’t have to be reminded about the importance of protecting patient information is OffSite Image Management, Inc. One of the services offered at OffSite is disaster recovery. OffSite makes business continuity planning easy and safe. It can protect any healthcare organization’s data while offering authorized individuals immediate access to stored records. End-to-end, 128-bit encryption is used for file transfers from multiple level IV data centers.