The protection of health records is paramount. A recent Ponemon Institute study, American’s Opinions about Healthcare Data Breach Privacy, notes that over 75% of those surveyed believe that protection of healthcare record privacy is important to very important. Unfortunately, it has been discovered that 80% of healthcare organizations say they have had one or more data breaches that involve the loss of health information.
With the recent passing of the Health Information Technology for Economic and Clinical Health Act, companies in the healthcare industry are provided financial incentives to bring healthcare records online. While bringing Healthcare Data Breach online may contribute to greater quality Health Data Breach in the long term, it also creates opportunities for data thieves, putting customers, clients and employees’ medical data at risk. As a result, the Act extends the Health Insurance Profitability and Accountability Act’s (HIPAA) rules for privacy and security practices for electronic transmission of medical data.
However, it also tightens regulations around enforcement and penalties for not adhering to the data management and breach notification requirements. Healthcare organizations are now responsible for understanding these new laws and must have infrastructure and safeguards in place to protect medical records and an individual’s PII, and PHI. According to Ponemon Institute research, “Electronic Health Information at Risk,” the average expense incurred for a company to address a medical data breach is record. Those companies that do not closely follow the new requirements can incur damages of up to M.
At every level the enactment of the HITECH Act changes the landscape for how healthcare companies manage and protect data. Investing in the infrastructure to keep healthcare records safe is critical in maintaining a healthy business and customer loyalty.
Unfortunately, most companies in the healthcare industry are not making these investments. According to the Pnemon Institute study “Electronic Health Information at Risk,” more than 60% of healthcare industry IT professionals surveyed believe they do not have enough resources to ensure that personal health information is kept safe. Additionally, 70% say that the senior management of their companies does not view privacy and data security as a top priority.
With the necessary safeguards not being implemented, the increased exposure to identity thieves increases. This in turn can put companies at risk for potential data breaches and at risk for loss of business from loyal customers. Healthcare Data Breach can result in significantly reduced customer confidence, and therefore will lead to less revenue. As reported in a recent study by Javelin Research, HIPAA Data Breach, 45% of breach victims have less confidence in a business as a result of being victimized by a data breach.
How an organization handles a breach, should one occur, has significantly changed due to the more stringent notification requirements defined by the Healthcare Data Breach. Now more than ever, it is critical that the healthcare industry be aware of the new requirements and standards.