Wednesday, September 28, 2011

Health Care Organizations Underprepared to Secure Patient Data: PwC




http://ow.ly/6HdEo

Article by Brian T. Horowitz appearing on eweek.com

The article provides information regarding a recent health care report from consulting entity PWC.  The report provides some troubling findings, "Consulting firm PwC's Health Research Institute has come out with a report revealing that health organizations are underprepared to secure patient medical information."

This article goes on to state, "The report, "Old Data Learns New Tricks: Managing Patient Privacy and Security on a New Data-Sharing Playground," shows that despite advances in electronic health records (EHRs) software and security technology, health care organizations have yet to adopt privacy measures on a large scale.
For the survey, PwC interviewed 600 executives from hospitals, physician practices, health insurers and pharmaceutical and life science companies.
Only 58 percent of providers and 41 percent of health insurers train employees on privacy measures for EHRs, PwC reports."

The article states that health providers have invested more in HIPAA compliance than they have in I.T.  However, the article does state the following:  "Despite health care organizations being underprepared, advances in access controls, encryption and monitoring related to EHR application development are happening faster than in other industries..."

Some further statistics are cited in the article regarding issues that deal with the security of health information, such as, "A big security issue for respondents was insiders improperly accessing health data. Over the last two years, 40 percent of providers surveyed reported a breach due to insider snooping or sharing of information. These incidents can include chatting in an elevator or through social media.
In addition, health care organizations are grappling with how to handle security on mobile devices such as iPads, with 55 percent of respondents of health care firms not formulating plans for security on mobile devices.
PwC also revealed that 74 percent of health care organizations plan to share patient data externally for studies and development of new products, but only 17 percent of providers, 19 percent of payers and 22 percent of pharmaceutical and life sciences companies have developed a process to allow patients to consent to the disclosure.


2 comments:

  1. That's one thing that health care organizations should definitely consider. The data of a certain patient should be secured to avoid any issues in the future.

    major medical insurance plans

    ReplyDelete
  2. Security can sometimes be the problem of such health care organizations. I just hope they do something about the issue.

    nursing home

    ReplyDelete