The number of hospitals in the United States that are adopting electronic medical records is continuously growing, but according to a study from the Ponemon Institute, insufficient funding for security has also triggered a surge in patient data breaches. A recorded 32% increase in data breach incidents from 2010 to 2011 tends to support such a claim. Hospitals say that there should be enough funding from the agency concerned in order to ensure patient privacy.
Converted into cost, the health care industry lost an estimated $6.5 billion just last year alone. Nearly one-half of the health organizations that were surveyed said that the major cause of this was lost or stolen devices. The survey included 72 hospitals and health care providers, but the names of the organizations were kept private.
Observers see that the condition is getting worse, mainly because security seems to not be given any major importance. They also anticipate that it will not get better given the policy of providing incentives to doctors and hospitals that implement digital health records. More patient records will be exposed to theft with the compensation budget that reaches up to $27.4 billion. Health care organizations then rush to speed up health records, but there is no corresponding needed security.
Another study showed that more than 50 percent of the organizations surveyed blame insufficient funding as the reason for such breaches. There are existing data breach notification laws that order organizations to report to the Health and Human Services Department those breaches that involve more than 500 people. The agency then makes a list of those affected and posts these violations on its website.
There are laws on federal privacy that health care providers and employer-sponsored group health plans are obliged to comply with. These laws require periodic audits to be conducted by the Health and Human Services Department. This is to carry out security risk reviews and assess security and breach notification policies. This mechanism ensures that organizations have their privacy, security and breach notification policies in place.
Image: Salvatore Vuono / FreeDigitalPhotos.net
No comments:
Post a Comment