Healthcare Trend: 4 Ways to Prevent a Patient Data Security Breach
Congratulations! Your Private Healthcare Information Has Been Compromised!
Imagine some future version of yourself: idealistic, inspired, set on becoming the next Senator to represent your great state in the US Congress. One morning you wake up to see your personal medical history published on the front page of the newspaper; perhaps an unplanned pregnancy, an STD contracted in college, a bout with meningitis. It doesn’t matter what the medical issue is; your opponent grabs onto it as leverage in naming you unfit to serve. Suddenly, your dreams of immortality are destroyed.
65% of Data Breaches Are from the Theft or Loss of Portable Devices
Think this scenario is far-fetched? In 2011 there were 123 data breaches reported to the US Department of Health and Human Services under section 13402(e)(4) of the HITECH Act. Of these, 65% were caused by the loss or theft of portable electronic devices, compromising at least 8.5 MILLION individual healthcare records.
The loss of mobile devices of all types - smartphones, tablets, and laptops - is not just rampant, it is an epidemic. Although a recent study completed by the Ponemon Institute suggests the leading cause of data breaches in healthcare is lost or stolen equipment, only 51% of respondents are taking any steps to secure data stored on these devices.
Data Breaches are Preventable, Even in a Mobile World
The worst part of this situation is that each and every one of these breaches was completely preventable. Below I outline our top four security policies for mobile devices. If you implement these you immediately address 98% of your risk:
- Encrypt everything: That’s right, I said EVERYTHING. It’s not enough to use database or folder level encryption (which is a good place to start) but you have to expand your coverage to the entire hard drive. If your device doesn’t support this feature, then don’t put anything on it you don’t want in the clear.
- Mobile storage devices, like USB drives, writable CD/DVD drives (and their media) and even portable hard drives, should simply be forbidden and restricted from use by IT policy. Yes, it’s inconvenient, but these devices are almost never inventoried, and you can’t enforce encryption on them.
- No outside devices, ever. I will certainly take heat for this comment, but there is no business case you can make that offsets the potential liability from losing control of the device. Simply imagine discharging an employee who has been storing private healthcare information on their tablet. How can you ensure the information is wiped? What is the ex-employee’s legal recourse if you remote wipe the tablet without their permission? There are simply too many unknowns here.
- All mobile devices need a dead-man trigger. Every mobile device you have in inventory needs to be able to do at least two things – be wiped remotely by an administrator and be tracked geographically. If it can’t do both of those, then the device doesn’t belong on your approved equipment list.
At the outset many of these will seem onerous, either from a cost or a workflow impact perspective. However, as an industry we must become serious about how we safeguard the private healthcare information we are charged with maintaining. The number of breaches will simply continue to grow until we do.
Patient relationships are built on trust, and the handling of patient data is one way a healthcare institution builds trust.
Are you trying to ensure patient data security while also trying to give patients better access to their records and improve patient satisfaction? Do all the technological advances in healthcare communications seem like a maze of possibilities and security pitfalls?
Do you know if your patient data management system upholds these basic data security best practices, or are you risking a patient data security breach and therefore the trust of your patient community?
Contact me about your patient data security needs and find out how you can improve patient experience and increase patient engagement with our custom and secure communications systems.