Comments
Sloppy Handling Of Patient Data Always A Danger
Newest First  |  Oldest First  |  Threaded View
G. Scott
50%
50%
G. Scott,
User Rank: Apprentice
11/20/2013 | 3:00:18 PM
Sloppy Handling
The biggest source of data breaches due to sloppy handling is not lost laptops, human mishap or even a one-time event.  The biggest source of data breaches occurs during the IT recycling process.  I see healthcare organizations routinely hand over laptops, PCs and servers loaded with hard drives to electronic recyclers.    

My company is a NAID Certified for hard drive destruction, performs HDD shredding onsite while the client watches and carries professional liability insurance to cover Breach Notification...helping organizations comply with HIPAA.  Still, we lose business to electronic recyclers because the person responsible for discarding old IT equipment doesn't understand the "authorized access" or doesn't have the $5.00 budget to shred a hard drive.
MNJander
50%
50%
MNJander,
User Rank: Apprentice
11/18/2013 | 3:23:45 PM
Re: Too Small to Fail?
Thanks for pointing out how much human error is involved in major medical data breaches, Alex. One of the most senseless (IMO) and avoidable problems seems to come from lost laptops. It would be easier to avoid breaches if employees (or contractors, in many cases) don't see fit to haul valuable data off site. Some simple rules made by IT might help.
Alex Kane Rudansky
50%
50%
Alex Kane Rudansky,
User Rank: Author
11/18/2013 | 9:52:56 AM
Re: Too Small to Fail?
Thanks for your comment, Alison. You're right - government agencies are stretched very thin. I wonder if the rapid adoption of EHRs (and resulting increased chance of leaks/breaches) will cause the government to beef up their HIPAA enforcement efforts in years to come.
Alison Diana
50%
50%
Alison Diana,
User Rank: Moderator
11/18/2013 | 9:40:51 AM
Too Small to Fail?
Small doctor offices are not under the radar. Often, disgruntled patients or (ex) employees will report them to officials, according to articles I've read about smaller providers that have been fined for abusing HIPAA. Government agencies are always stretched thin; the public is not -- and no service provider ever has 100% satisfaction! As your article says, a lot of times breaches come down to human error, not technology. A clerk leaves papers on a desk; a receptionists discusses a patient in a waiting room, or a doctor loses her phone. 


Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Dec. 9, 2014
Apps will make or break the tablet as a work device, but don't shortchange critical factors related to hardware, security, peripherals, and integration.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of December 14, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.