Sure, hackers are a concern, but when it comes to the medical industry, the majority of breaches occur when employees’ mobile devices and laptops are lost or stolen.
According to the 2014 Bitlgass Healthcare Breach Report, 68 percent of all data breaches in the medical field are due to the loss or theft of data. That’s compared to 23 percent of breaches committed by hackers.
Under the Health Insurance Portability and Accountability Act, otherwise known as HIPAA, all health organizations must report data breaches. That information is depicted in what Health and Human Services is calling “The Wall of Shame.”
The wall includes information regarding data breaches over the last three years and provides insight into what breaches mean for the future of healthcare.
“Healthcare data breaches affect all sizes and types of healthcare entities, but the overwhelming majority have one thing in common: inadequate security around devices (or paper) containing PHI (protected health information),” the report states.
PHI breaches can lead to a number of issues for patients, including a loss of insurance, higher premiums, record inconsistencies and distrust of the medical system. According to the Ponemon Institute, the average loss to the victim of medical identity theft comes in at around $19,000.
So, what can be done? The report states it like this:
“Beware of hackers — but pay even closer attention to that employee packing up for the weekend, or taking his/her laptop out the door to his/her car. If healthcare organizations don’t start securing the protected health information that resides on laptops, desktops, and mobile devices, now then they’re bound to lose the data security fight, no matter how hard they fight to protect their data.”