Compliance Focus, Employee Error Lead to Health Care Data Breaches
By Catherine Dunn ContactAll Articles, Corporate Counsel, April 20, 2012
A new report on data breaches in the health care sector reveals the pervasive problem of security threats posed by employees, and indicates that providers often prioritize compliance with government regulations at the expense of implementing comprehensive security measures to safeguard patient information.
“While organizations are actively taking steps to ensure that patient data is secure, they are so focused on meeting compliance requirements that they have little awareness of the efficacy of their security programs,” according to the report “2012 HIMSS Analytics Report: Security of Patient Data,” which was commissioned by the consultancy Kroll Advisory Solutions.
The survey of 250 hospital executives, officers, and managers found that while 96 percent of respondents said their organizations had conducted a formal risk analysis on the security of their patient data, 27 percent reported experiencing a breach of some sort, up from the 19 percent who reported breaches in 2010. This year, 18 percent said they were “not aware of whether or not their organization had actually experienced a data breach in the past 12 months.” <READ MORE>