Saturday, March 31, 2012

Report Finds Increase of Almost 100 Percent in Medical Data Breaches


It’s hard to believe, but a recent report by Redspin, Inc. found an astounding 97-percent increase in protected health information (PHI) data breaches in 2011, across a sample of healthcare organizations in the US, according to a story at healthitnewsdirect.com.

Another report recently revealed that over the last two years, “health care organizations have reported 364 incidents involving the loss or theft of information ranging from names and addresses to Social Security numbers and medical diagnoses on nearly 18 million patients – equivalent to the population of Florida.”

And what’s it costing us? At last count, $6 billion. After surveying 72 healthcare organizations, the Ponemon Institute and ID Experts found that, on average, the cost of data breaches to the organizations surveyed rose $183,526 from 2010, to $2,243,700. Extrapolating the study to the entire healthcare industry, Ponemon estimates that data breaches could cost the U.S. healthcare industry between $4.2 billion and $8.1 billion a year, or an average of $6.5 billion, according to a story by George V. Hulme at csoonline.com.

Redspin Inc., a provider of penetration testing and IT security audit services, said that analyzing 385 breaches (affecting 500 individuals or more) turned up an estimated 19 million people on various health databases, and that at least 46 U.S. states have had medical files breached since August 2009, when the interim final breach notification of the HITECH Act was passed.

Redspin found in its survey a 525-percent increase in records breached due to unencrypted device loss, and “an increase of 76 percent of breaches involving a business associate between 2010 and 2011, which made up 59 percent of the total number of breaches.”

Improper security processes followed by the organizations that had the breaches contributed to the two largest breaches and to three of the top five, according to the story.

Given the value of PHI when sold on the black market (estimated to be around $50) and “its use to commit Medicare fraud, the rate of breaches has increased to 60 percent, occurring with a malicious intent like theft and hacking,” according to Redspin.

But it’s not all about careless employees and files that were not properly encoded. The report also found a surge in the amounts of PHI on unprotected storage devices, and a “lack of security on portable devices (39%), like laptops, mobile phones and tablets, and desktop computers or servers (25%) contributing to breaches,” according to the story.




Edited by Braden Becker
By Deborah Hirsch, HealthTechZone Contributor
