Healthcare // Security & Privacy
News
3/13/2014
09:06 AM
Connect Directly
RSS
E-Mail

Obamacare Vs. Patient Data Security: Ponemon Research

Healthcare professionals worry that healthcare regulations mandating patient data exchange are luring more data thieves, says Ponemon study.

Comment  | 
Print  | 
Comments
Oldest First  |  Newest First  |  Threaded View
David F. Carr
100%
0%
David F. Carr,
User Rank: Author
3/13/2014 | 9:51:45 AM
What's the Obamacare connection?
Is the study saying that the health insurance exchanges in particular pose a cybersecurity hazard? I get that theft of a health insurance ID number is particularly valuable to the thief, but I'm not sure the insurance number is ever issued through that service. More likely that insurance numbers would be associated with patient records in a hospital or provider system that was breached.

Are there other provisions of Obamacare, besides the creation of the exchanges that encourage/require sharing of health information in some risky way? I associate most of the stuff about health insurance exchange more with the Meaningful Use program.
Alison_Diana
0%
100%
Alison_Diana,
User Rank: Author
3/13/2014 | 5:31:02 PM
Re: What's the Obamacare connection?
The study is a result of a poll so it's perception, not necessarily reality, that ACA puts patient data at risk. Some reasons: Pure and simple, more people sending health-related information to central locations, and the sheer volume of health data being exchanged by private and government agencies. Even though there were some downward shifts in breaches, there isn't much to celebrate and the industry has to do more. Healthcare security execs predict a Target-like breach for this business; with sites like Healthcare.gov, cybercriminals have one more very attractive target in their sights.
moarsauce123
50%
50%
moarsauce123,
User Rank: Ninja
3/15/2014 | 10:03:15 AM
All depends on implementation
Germany has EHRs for almost two decades and there is no known data breach so far. It all comes down to implementation and maybe not always going with the cheapest solution possible.
Alison_Diana
50%
50%
Alison_Diana,
User Rank: Author
3/17/2014 | 9:50:33 AM
Re: All depends on implementation
That's interesting, @moarsauce. For one thing, it shows just how far behind the US has been in terms of adopting technology within healtcare. For another, it demonstrates how secure these systems can be, when implemented well. One thing I wonder, though: What disclosure laws does Germany have if a healthcare provider's data is breached? Does an organization have to notify patients, partners, etc., if data's potentially been lost or stolen and what are the criteria (for example, after 500 records are affected; within 30 days...)? 
Healthcare Data Breaches Cost More Than You Think
Healthcare Data Breaches Cost More Than You Think
Healthcare providers just don't get it. They refuse to see the need to fully secure their protected health information from unauthorized users -- and from authorized users who abuse their access privileges. As a result, they don't allocate enough budgetary resources for securing medical data.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest September 18, 2014
Enterprise social network success starts and ends with integration. Here's how to finally make collaboration click.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
The weekly wrap-up of the top stories from InformationWeek.com this week.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.