Comments
Sloppy Handling Of Patient Data Always A Danger
Threaded  |  Newest First  |  Oldest First
Alison Diana
50%
50%
Alison Diana,
User Rank: Moderator
11/18/2013 | 9:40:51 AM
Too Small to Fail?
Small doctor offices are not under the radar. Often, disgruntled patients or (ex) employees will report them to officials, according to articles I've read about smaller providers that have been fined for abusing HIPAA. Government agencies are always stretched thin; the public is not -- and no service provider ever has 100% satisfaction! As your article says, a lot of times breaches come down to human error, not technology. A clerk leaves papers on a desk; a receptionists discusses a patient in a waiting room, or a doctor loses her phone. 
Alex Kane Rudansky
50%
50%
Alex Kane Rudansky,
User Rank: Author
11/18/2013 | 9:52:56 AM
Re: Too Small to Fail?
Thanks for your comment, Alison. You're right - government agencies are stretched very thin. I wonder if the rapid adoption of EHRs (and resulting increased chance of leaks/breaches) will cause the government to beef up their HIPAA enforcement efforts in years to come.
MNJander
50%
50%
MNJander,
User Rank: Apprentice
11/18/2013 | 3:23:45 PM
Re: Too Small to Fail?
Thanks for pointing out how much human error is involved in major medical data breaches, Alex. One of the most senseless (IMO) and avoidable problems seems to come from lost laptops. It would be easier to avoid breaches if employees (or contractors, in many cases) don't see fit to haul valuable data off site. Some simple rules made by IT might help.
G. Scott
50%
50%
G. Scott,
User Rank: Apprentice
11/20/2013 | 3:00:18 PM
Sloppy Handling
The biggest source of data breaches due to sloppy handling is not lost laptops, human mishap or even a one-time event.  The biggest source of data breaches occurs during the IT recycling process.  I see healthcare organizations routinely hand over laptops, PCs and servers loaded with hard drives to electronic recyclers.    

My company is a NAID Certified for hard drive destruction, performs HDD shredding onsite while the client watches and carries professional liability insurance to cover Breach Notification...helping organizations comply with HIPAA.  Still, we lose business to electronic recyclers because the person responsible for discarding old IT equipment doesn't understand the "authorized access" or doesn't have the $5.00 budget to shred a hard drive.


The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.