By Nicole Lewis
April 7, 2010
A new study from the Healthcare Information and Management Systems
Society reports that since January 2008, more than 110 healthcare
organizations have reported the loss of sensitive patient data affecting
over 5,306,000 individuals.
The findings, published in the 2010 HIMSS Analytics Report: Security of
Patient Data, show that the vast majority of the 250 healthcare IT and
security professionals surveyed have policies, procedures and technology
in place at their organizations to prevent data theft. But changes made
to protect medical records haven't curbed the number of reported
breaches, which increased six percent since 2008.
HIMSS's Analytics unit did the study in partnership with Kroll Fraud
Solutions, a provider of data protection and identity theft response
More than 40 percent of survey respondents reported that data loss
incidents were caused by theft (stolen laptops, computers, or
media/tapes. Another 27 percent were the result of loss or by staff or
third parties; malicious insiders caused 20 percent; and 9 percent were
caused by system hacks, Web exposure, and virus attacks.
The organizations in questions have security policies in place, said
Brian Lapidus, Kroll's chief operating officer. But "the gap between
security policy and actual behavioral change is still significant," he
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!