Healthcare Providers Prime Target Information Leakage

One can barely go a day anymore without hearing of a new IT security breach or data hack. It doesn’t matter if the organization is large or small: Everyone is a potential target.

Information security threats are internal and external. The attacks can be malicious or simple carelessness. The hackers may be halfway around the world or the person sitting next to you.

Information security is on everyone’s mind and it should be a concern, especially to those in healthcare.
Industries often look externally for vulnerabilities. They want to understand where defenses don’t exist or could be compromised. They hire white-hat hackers to probe and prod systems to better understand deficiencies. Cybercrime is expected to cost regular people and business $6 trillion every year by 2021.

Businesses look less frequently for internal threats. Every employee is a potential security risk.

Sharing passwords, lost or stolen laptops, unlocked computers, disgruntled current or former employees or those who are simply curious are potential security risks and ways private, HIPAA-protected information can leak from a provider’s practice. Take a look at the U.S. Department of Health and Human Services, Office of Civil Rights; they track every healthcare related data breach in the country. The breaches range from external system hacks to unauthorized access. In 2016, there were more than 16 million health records exposed inadvertently. That’s an increase of about 3 million records from 2015.

In general, much of the unauthorized access to data can be prevented with internal, IT-related safeguards. Recently, news of Justin Bieber’s treatment at a New York hospital was allegedly leaked by an emergency department employee. While the details of this breach remain secret, it’s likely all or part of the health record were not as secure as they should have been.

Which brings us to the issue of internal health systems security. Many large and small providers simply don’t have the infrastructure to monitor staff access to patient records at all times. They aren’t aware of employees who access patient information at times when they shouldn’t or when employees should have limited access to patient information because of their role in the organization.

Provider offices, hospitals and health facilities can limit exposure by working with an expert to monitor patient data access by employees. Discrete access points can be immediately captured and sent to the customer in real-time to act on the information and, hopefully, stop the leak before it starts.

Data security and information leaks will always be an issue. What fixes have you found that work?
Blog Comments

Blog post currently doesn't have any comments.
 Security code

TriZetto Provider Solutions® Powered by Cognizant

We help physicians, hospitals and health systems simplify business processes and get accurate payments quickly. We will always look for new ways to help you improve revenue and increase cash flow. We will stay ahead of regulatory changes so your office will never struggle to keep up. All so you can focus on the one thing that really matters: doing what is best for your patients.

Learn More