The report is the third installment in a bi-annual survey of healthcare providers nationwide. A total of 250 healthcare professionals participated in the study. The professionals included health information management directors, compliance officers, senior IT executives, privacy officers and chief security officers.
According to the report, there has been an increase in data breaches over the last six years despite strict regulations for reporting and auditing data. Findings from the survey revealed that healthcare organizations felt more prepared to confront data security risks in 2012 but data breaches were still common:
• Healthcare organizations gave themselves a 6.40 rating on a scale of 1 to 10 with 10 being extremely prepared;
• Ninety-six percent of respondents reported conducting a formal risk analysis in the past 12 months;
• Twenty-seven percent of respondents reported a security breach in the past 12 months;
• Sixty-nine percent of respondents reported more than one security breach in the past 12 months.
Human error remains the greatest threat to data security. Mobility and a lack of data ownership from executives are the two biggest threats behind human error. In 2012, 79 percent of respondents reported that an employee caused a security breach. Yet, only half of respondents required proof of employee training on data security policies. The mobility of patient data is also a leading factor in security breaches. Thirty-one percent of respondents indicated that information available on a mobile device was a factor in data breaches. Finally, when respondents were asked who is primarily responsible for patient data, responses ranged dramatically:
• Health information management director — 21 percent;
• CIO — 19 percent;
• Chief privacy officer, chief compliance officer and CEO — 12 percent each;
• Chief security officer — 10 percent.
More Articles on Patient Data Security:
Utah Medicaid Data Breach Worsens; Nearly 760K Individuals Affected
Strategies for Safeguarding Healthcare Data
Howard University Hospital in D.C.’s Data Breach Affects More than 34K Patients
HIMSS: Improved HIPAA Compliance Has Not Increased Data SecurityWritten by Kathleen Roney | April 13, 2012
An increased focus on HIPAA compliance has not brought better data security to the healthcare industry, according to the "2012 HIMSS Analytics Report: Security of Patient Data" report by Kroll Advisory Solutions, a risk mitigation and response company.
© Copyright ASC COMMUNICATIONS 2011. Interested in LINKING to or REPRINTING this content? View our policies here.