HIMSS: Providers Make Some Strides on Patient Data Protection
February 21, 2014 in News
Health care organizations have made improvements in protecting patient data, but “huge gaps” remain in information protection, according to a report by the Healthcare Information and Management Systems Society, Health Data Management reports (Goedert, Health Data Management, 2/20).
The survey was conducted by HIMSS and was supported and sponsored by the Medical Group Management Society and Experian Data Breach Resolution, respectively.
For the report, researchers surveyed 283 IT and information security professionals (Conn, Modern Healthcare, 2/20).
The survey found health care organizations have made strides in data theft prevention during the past year. According to the report, in 2013:
- 92% of respondents conducted a formal risk analysis;
- 66% used two or more access control products;
- 54% tested their breach response plan; and
- 50% employed a full-time worker responsible for protecting patient data (Health Data Management, 2/20).
However, the survey also found that in the last year:
- 19% of respondents said their organization experienced a security breach; and
- 12% of respondents said their organization had experienced at least one case of medical identity theft (McCann, Healthcare IT News, 2/20).
In addition, only 17% of respondents said their organization encrypts data on mobile medical devices and biometric technology (Health Data Management, 2/20).
The survey also found that more than half of respondents said their organization had increased funding on security. However, 49% of respondents indicated they are still spending 3% or less of their cumulative IT budget on security measures (Modern Healthcare, 2/20).