Security - CIOInsight

Home

Security

Electronic Medical Records: No Vaccine Against Breaches

Security Slideshow:
Electronic Medical Records: No Vaccine Against Breaches

By Bob Violino on 2010-11-15

In case you need another reason to avoid the hospital, here it is: Data about you and your treatment might not be adequately protected, and your privacy could be at risk. According to a research report conducted by Ponemon Institute (a privacy and information management research firm) and sponsored by ID Experts (a security products provider), many healthcare facilities are not adequately protecting patient data. In addition, the healthcare industry is lagging in implementing the standards set by the HITECH Act of 2009, which widen the scope of privacy and security protections under HIPAA to provide strong safeguards for patient data. And the insufficient security is proving costly to the healthcare industry, as hospitals are collectively losing an estimated $6 billion a year due to data breaches, according to the study. Because many breaches go undetected, the losses might be considerably higher than that, according to Ponemon. The research shows that protecting patient data is a low priority for hospitals, and many healthcare organizations have little confidence in their ability to secure patient records. This puts individuals at great risk for medical identity theft, financial theft and embarrassment of exposure of private information, the report says.

	LATEST STORIES
	- IT Careers: Departures Mark Exec Shuffles at... - Microsoft Office on iPads, Android Tablets C... - Quest Software Acquisition Would Bolster Del... - N.J. Mayor, Son Arrested for Computer Hackin... - Why HP's Next Leader Should Come from Within...

BLOGS

Tim Moran: CIOs Go To Market

Tony Kontzer: Fed CIO Aims to Root Out IT Waste

Tony Kontzer: Imagine There are No CIOs

Tony Kontzer: Will the Cloud Solve Federal IT Security?

Tony Kontzer: Privacy, Security and the CIO

John Parkinson: When Good DR Goes Bad

Tony Kontzer: What's So Special About iCloud?

Tony Kontzer: Farewell Kundra, We Hardly Knew Ya

More blogs >>

Multiple breaches29% of respondents say their organizations have had more than five data breaches in the past two years.

Electronic Medical Records: No Vaccine Against Breaches - Security

2.4The average number of data breach incidents per healthcare facility over the past two years? 2.4

61%61% of data breach incidents involve fewer than 100 records.

Lack of notification38% of respondents say no patients were notified of data breaches.

Cause of Breaches (% respondents)Unintentional employee action (52%)Lost/ stolen computing devices (41%)Third-party problems (34%) Technical system glitches (31%).

47%47% of respondents say employee detection is the primary way data breaches are discovered.

Confidence CrisisRespondents say they have little (35%) or no (23%) confidence that their organization has the ability to detect all patient data loss or theft. Only 11% say they are very confident.

13%Only 13% of respondents say their ability to resolve a data breach incident is immediate or within one week; 37% say it took six months or longer to resolve the incident.

Staff shortfall28% of respondents say they have no staff dedicated to managing data protection activities. Thirty-five percent say they have fewer than two dedicated staff members.

Ad hoc processesThe process for preventing and detecting data breach incidents is “ad hoc,” according to 35 percent of respondents.

Technology and policiesOnly 16% of respondents say their data breach protection process relies on security technologies; 23% say it relies on policies and procedures.

Who’s in charge? (% respondents) Compliance department (34%)IT (12%)IT security team (11%)No single person/department (23%)

Why breaches occur? (% respondents) Inadequate budget for security and privacy (51%)Lack of trained staff and end users (49%).

56 percent56 percent of respondents say they need help to assess their risks and procedures to make sure they are compliant with security standards.

Big losses23% of respondents say data breaches over the past two years cost their organization between $1 million and $10 million.

What's the harm to patients? (% respondents)Personal health facts will be disclosed (61%)Increased risk of financial identity theft (56%)Increased risk of medical identity theft (45%)

Recent Slideshows

FEATURED SPONSORED VIDEOS

Security and Availability Essentials for Running Your Business in the Cloud

Cyber Security Trends and Challenges for 2012

IPv6 Integration and Migration

View More Videos

Brought to You By

FEATURED SPONSORED ARTICLES

Erasable E-Paper Saves Trees, Cuts Costs

Why Smart Companies Should Adopt the Lessons of Gaming

Interest in Mobile WiFi Hotspots Fuels New Solutions

A Closer Look at Public Cloud Security

View More Articles

Brought to You By


		Try Windows Azure free for 90 days Introducing the world's first family of systems with integrated expertise FREE Securing Smartphones & Tablets for Dummies Book from Sophos 77% of the Fortune 500 Manage Content Securely with Box. Leverage your virtual computing environment with Dell. Build an IT Infrastructure That Delivers the Future 5 New Technologies That Will Change Enterprise IT

CIO Insight:	Issue Index \| Contact Us \| About \| Advertise \| Magazine Customer Service \| Site Map
Quick Links:	Enterprise Mobility Zone \| Management Case Studies \| Loyalty Programs \| Term Sheet \| Strategy Maps \| Organizational Behavior \| Net Present Value Calculator \| Link to Us
	Security: Network Security Entprise Networking Infrastructure Security How To: Data IT Security News Cheap Hack Blog Security Watch Blog Storage: Storage Cloud Storage Storage Virtualization Network Access Storage Storage Reviews Data Storage News How To: Storage Storage Station Blog Computing: Apple OSX Linux Systems Windows Vista Managed Print Services Cloud Computing PC Reviews Microsoft Watch Blog Apple Watch Blog Google Watch Blog Communications: VoIP Solutions Wireless Technology Messaging Software Web Services Mobile Applications Wireless News Mobile Reviews Apps & Development: Application Development SAAS Search Engines Database Software Web 2.0 IT Project Management Emerging Tech Blog CIO Insight Blogs CIOs
	Vertical Markets: Federal Government IT Health Care IT Finance IT Mid-Market Channel Partners Careers Blog Value Added Resellers More eWeek Links: Green Computing Tech Knowledge Center Tech Newsletters Tech RSS Feeds White Papers Tech Podcasts Tech Videos Magazine Subscriptions Enterprise Websites: ZDE Home eWeek Baseline Channel Insider CIO Insight eSeminars eWeek Mid-Market Publish Online Web Buyers Guide Developer Websites: Dev Shed DeveloperShed ASP Free MS DevSource SEO Chat Codewalkers Tutorialized Scripts.com Dev Mechanic Dev Articles Web Hosters Dev Hardware Technology Websites: Device Forge Desktop Linux Linux Devices Windows for Devices TechDirect iGrep Search Engine PDF Zone Linux Watch
	Use of this site is governed by our Terms of Use and Privacy Policy Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited. eWeek is your best source for the latest Technology News. ZDE Cluster 8.

Security Slideshow:Electronic Medical Records: No Vaccine Against Breaches

Recent Slideshows

Advertisement

Security Slideshow:
Electronic Medical Records: No Vaccine Against Breaches