Along with the digitization of patient records comes increased risk for data security and privacy violations. In 2011, thanks to a new Department of Health and Human Service's "hall of shame" website, it became easier to find out what sorts of Health Insurance Portability Accountability Act (HIPAA) data privacy and security breaches healthcare providers were experiencing.
As of November, there were 364 health-data breaches affecting 500 or more individuals. The vast majority of incidents involved lost or stolen laptops, flash drives, or other mobile gear, as well as lost or improper disposal of paper documents, according to HHS.
In October, a desktop computer was stolen from healthcare organization Sutter Medical Foundation, potentially exposing the personal information of nearly 4 million patients. The password-protected but unencrypted machine contained a patient database. Ironically, the Sacramento, Calif.-based healthcare organization had been implementing encryption across the organization at the time of the theft. Unfortunately, the machine that was stolen was not yet encrypted.