Filed Under:Risk Management, Corporate Risk

Healthcare Data Breaches: Handle with Care

Data breaches are notorious for the financial, legal, and reputational damage they can inflict on an organization and its customers. The unintentional exposure of a social security number or financial information raises the risk for identity theft and increases organization vulnerability for lawsuits, fines and lost business.

These risks are especially troubling for healthcare providers, since data breaches in this sector are up 32 percent since 2010, according to a new benchmark study by the Ponemon Institute. And healthcare data breaches are expensive, costing the industry an estimated $6.5 billion.

  • The move to electronic health records (EHR). In February 2009, the U.S. Senate passed an $838 billion stimulus bill, in part to enable the digitization of every American’s medical record. Healthcare organizations are rushing to computerize their medical records, to take advantage of financial “meaningful use” incentives. But lagging security investments have left medical records more susceptible than ever to accidental or intentional disclosure, loss, or theft. What were once isolated paper records are becoming electronic health data on millions of individuals that can be transmitted in seconds. Once this information is breached, it can never be recovered. 
  • The rise of strict laws and stiff fines. The healthcare industry has, by far, the most stringent laws regarding the safety of its privacy data, called protected health information (PHI).  HIPAA Privacy and Security Rules set standards for medical information privacy. The HITECH Act extends HIPAA privacy and security requirements beyond healthcare providers to business associates, creates stricter breach notification guidelines, and gives state authorities power to enforce HIPAA rules. It also increased penalties for noncompliance—up to $1.5 million.
  • Read related: "Private I."

    The combination of increased danger to patients, the move to electronic health records, and the strict laws associated with protected health information all increase the risks associated with healthcare data breaches. More than ever, healthcare organizations need to strengthen their preventive measures to minimize those risks and ensure positive outcomes for their organization and the patients they serve.

    Featured Video

    Most Recent Videos

    Video Library ››

    Top Story

    Baby, it’s cold outside! Here are 6 tips for staying safe in sub-zero temperatures

    Extreme temperatures bring risks to people and property. Make sure you are taking care of yourself and your surroundings.

    Top Story

    5 ways insurance agencies can improve their websites

    The way people use the Internet has changed over the past few years. Has your website changed with it?

    More Resources

    Comments

    eNewsletter Sign Up

    PropertyCasualty360 Daily eNews

    Get P&C insurance news to stay ahead of the competition in one concise format - FREE. Sign Up Now!

    Mobile Phone

    Advertisement. Closing in 15 seconds.