I just finished reading an article today titled “JAMA study examines variation in type, extent of health data breaches over time” and can’t help but wonder why companies remain reactive in implementing technology without clearly thinking through the various aspects one would consider a requirement, like security.
The article cites statistics reported in the Journal of the American Medical Association (JAMA), that 176.4 million records were compromised by data breaches between 2010 and 2017. Of these, 70% were related to healthcare providers while 13% involved heath plans. Interestingly, while health plans make up only 13% of reported breaches, this is where the largest number – 110.4 million records – were compromised with the most common targets being network servers and emails.
In My View
Information technology in healthcare is in my view, a requirement not a nice-to-have. It is a means by which mass amounts of data can be curated, analyzed, and used in research, diagnostics, and patient care. Having said that, it is the responsibility of the healthcare industry to ensure technology for the sake of technology is not implemented without consideration for heightened security around the servers, emails, and other applications and communications tools containing vitally sensitive patient information.
All too often I hear about firewalls, and other technologies being used to prevent access from the outside, but seldom do I hear about measure taken inside the organization to ensure data is not breached – intentionally or unintentionally. There are many technologies available to monitor internal access and activity related to sensitive information. Make this part of your overall plan along with training and random audits to ensure patient privacy is maintained and their information is safely managed.
Bob Larrivee is President and Founder of Bob Larrivee Consultancy, a recognized expert in the application of advanced technologies and process improvement, and Journalist on Information Technology for Document Strategy. In his career, Bob has led many projects and authored hundreds of eBooks, Industry Reports, Blogs, Articles, and Infographics. In addition, he has served as host and guest Subject Matter Expert on a wide variety of Webinars, Podcasts, Virtual Events, and lectured at in-person seminars and conferences around the globe.