Comments
Sloppy Handling Of Patient Data Always A Danger
Newest First  |  Oldest First  |  Threaded View
G. Scott
50%
50%
G. Scott,
User Rank: Apprentice
11/20/2013 | 3:00:18 PM
Sloppy Handling
The biggest source of data breaches due to sloppy handling is not lost laptops, human mishap or even a one-time event.  The biggest source of data breaches occurs during the IT recycling process.  I see healthcare organizations routinely hand over laptops, PCs and servers loaded with hard drives to electronic recyclers.    

My company is a NAID Certified for hard drive destruction, performs HDD shredding onsite while the client watches and carries professional liability insurance to cover Breach Notification...helping organizations comply with HIPAA.  Still, we lose business to electronic recyclers because the person responsible for discarding old IT equipment doesn't understand the "authorized access" or doesn't have the $5.00 budget to shred a hard drive.
MNJander
50%
50%
MNJander,
User Rank: Apprentice
11/18/2013 | 3:23:45 PM
Re: Too Small to Fail?
Thanks for pointing out how much human error is involved in major medical data breaches, Alex. One of the most senseless (IMO) and avoidable problems seems to come from lost laptops. It would be easier to avoid breaches if employees (or contractors, in many cases) don't see fit to haul valuable data off site. Some simple rules made by IT might help.
Alex Kane Rudansky
50%
50%
Alex Kane Rudansky,
User Rank: Author
11/18/2013 | 9:52:56 AM
Re: Too Small to Fail?
Thanks for your comment, Alison. You're right - government agencies are stretched very thin. I wonder if the rapid adoption of EHRs (and resulting increased chance of leaks/breaches) will cause the government to beef up their HIPAA enforcement efforts in years to come.
Alison Diana
50%
50%
Alison Diana,
User Rank: Moderator
11/18/2013 | 9:40:51 AM
Too Small to Fail?
Small doctor offices are not under the radar. Often, disgruntled patients or (ex) employees will report them to officials, according to articles I've read about smaller providers that have been fined for abusing HIPAA. Government agencies are always stretched thin; the public is not -- and no service provider ever has 100% satisfaction! As your article says, a lot of times breaches come down to human error, not technology. A clerk leaves papers on a desk; a receptionists discusses a patient in a waiting room, or a doctor loses her phone. 


IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Oct. 20, 2014
Energy and weather agencies are busting long-held barriers to analyzing big data. Can the feds now get other government agencies into the movement?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.