New Study Says Hospital Data Breaches Are Frequent and Expensive
How secure is patient data at hospitals? Not as secure as it should be says a new study released yesterday by the Ponemon Institute, an independent research organization dedicated to privacy, data protection and information security policy. Despite HITECH's mandates and the move toward EMR, the study found that "data breaches remain a frequent occurrence at healthcare organizations - threatening patient privacy and leaving healthcare organizations with a heavy financial burden."
Not only is data not as secure as it should be, but data breaches are costing hospitals an estimate of $1 million per year. With 5,815 registered hospitals in the United States, data breach incidents are costing the health care industry almost $6 billion per year.
Among the study's more interesting findings are the following:
- Only 29% of hospitals surveyed responded that they have sufficient resources to prevent or quickly detect patient data loss or theft.
- Employees are the best line of defense in detecting data breaches, underscoring the importance and value of training data handlers.
- Of the hospitals that have implemented EMR, 74% believe EMR's have made their data more secure.
Notably, the study was sponsored by ID Experts, a self-described "leading provider of comprehensive data breach solutions." The results, however, are hardly surprising considering that as of September 20, 2010, almost 5 million patients have had their PHI exposed through the largest 166 data breaches.
Investment in secure data storage coupled with vigilant training should be on on every health care provider's agenda for 2011.
