Health Data Security

The security of private health information is a mounting concern for everyone. Reports of various breaches that leave customers vulnerable often make headlines; even inadvertent breaches can cost a company significantly. In 2009, names of HIV patients were included in a rubber band-bound stack of PHI documents one hospital employee left on the subway. These documents were never recovered, and the breach ultimately cost the hospital $1 million. In the past, healthcare data security breaches usually constituted incidents like this, perpetrated by innocent, though incompetent, employees. Whether through employee negligence or devices and files being misplaced or stolen, most of the private health data being breached in a healthcare organization was walking out the front door. In a recent study by Ponemon Institute, for the first time in five years, criminal breaches were the number one root cause of security breaches within healthcare organizations.

It is a common sentiment within the industry that healthcare as a whole is behind in the race to secure data. One study found that 90% of hospitals and clinics have exposed their patient data. Another recent study found that 81% of large healthcare organizations have been breached in the past two years, but barely half of the hospital executives said they felt prepared for a breach.

KLAS has taken our first step in helping organizations prepare for and prevent a cyberattack. In our first ever security report, KLAS worked with more than 75 providers across the country to identify over 150 vendors being used to resolve providers' security issues. While there truly is no single solution for securing your data, KLAS is working to identify which of the myriad of vendors in the market can help create and execute on this strategy.

Health Data Security: 155 Vendors Identified--Who is Protecting Your Data?