Could BYOD increase the risks of a healthcare data breach and medical identity theft? The third annual study on Patient Privacy and Data Security reveals the explosion of mobile devices used in healthcare organizations. Most organizations in our study say they permit their employees to bring personally owned devices such as smart phones and tablets and connect to their networks or enterprise systems. While productivity may increase, so does the risk that patient data may end up in the wrong hands. In fact when asked, these organizations admit they are not confident they can make sure these devices are secure. What should hospitals do today? Conduct a privacy risk assessment to identify organizational gaps and create a comprehensive mobile device policy (including detailed guidelines) for all employees and contractors. The policy should address the risks and the security procedures that should be followed. They should also reinforce their mobile device policy with employee education on the importance of safeguarding their mobile devices and how to avoid risky behaviors. For a copy of the study, please click here: http://www2.idexpertscorp.com/ponemon2012/
(click to download study) Healthcare organizations seem to face an uphill battle in their efforts to stop and reduce the loss or theft of protected health information (PHI) or patient information. As is revealed in the Third Annual Benchmark Study on Patient Privacy and Data Security sponsored by ID Experts, many healthcare organizations struggle with a lack of technologies, resources and trained personnel to deal with privacy and data security risks.
The Electronic Health Information at Risk study was conducted by Ponemon Institute and sponsored by LogLogic. The purpose of the study is to determine from IT practitioners in healthcare organizations how secure they believe electronic patient health records are —especially those records stored in databases. (Click to download study)