Mobile Devices Up Patient Data-Breach Risk

Mobile Devices Up Patient Data-Breach Risk
Share on FacebookTweet about this on TwitterShare on LinkedIn

Data theft and compromise in healthcare are on the rise, and the mobile landscape is further complicating security. A new 2012 HIMSS Analytics Report: Security of Patient Data reassesses the state of patient data security in the wake of recent technological developments.

The 2012 HIMSS report has found that the rapidly rising use of devices not tethered to a workstation brings an increased risk of data loss and/or compromise that many organizations are not properly prepared to address.  For example, the use of electronic health records (EHR) makes patient data more mobile and accessible. It may also introduce third parties who are entrusted with patient data, extending patient data security beyond hospital walls.

According to the report, 27% of respondents indicated that their organization had experienced at least one security breach that required notification in the past 12 months. This was up from 19% in 2010 and 13% in 2008. The main sources of security breaches in 2012 were:

56% unauthorized access by employee
34% unauthorized access to paper records
22% laptop/handheld device
10% data housed by a third-party vendor
9% improper destruction of paper records
3% network breach by outsider
2% data accessed from second-hand computer

As the use of mobile devices becomes more common in exam rooms and administrative areas, so do the risks of security breaches due to employee negligence and outdated organizational policies. The report stresses that as healthcare moves toward more digital frontiers with an aggressive transition to EHR and mobile-based devices, privacy and security no longer should be treated as separate issues.

Physician’s Weekly wants to know…do you feel that patient data is more vulnerable with the increased use of mobile devices? Do you feel practices and hospitals are prepared for these risks?

1 Comment

  1. I have noticed that most companies have outdated policies and don’t deem the cost of updating them important until a breech occurs. However, if hospitals take a proactive approach with their security protocols, I believe that the risk can be decreased. But let’s be honest. People are very careless when it comes to mobile devices. There is always someone around to overhear or look over a shoulder to gather information they shouldn’t. Then there is the issue of devices being lost or stolen. There are many variables to consider that must be accounted for before implementing mobile EHR access.


Submit a Comment

Your email address will not be published. Required fields are marked *

fourteen − 13 =