Sloppy Handling Of Patient Data Always A Danger
Newest First  |  Oldest First  |  Threaded View
G. Scott
G. Scott,
User Rank: Apprentice
11/20/2013 | 3:00:18 PM
Sloppy Handling
The biggest source of data breaches due to sloppy handling is not lost laptops, human mishap or even a one-time event.  The biggest source of data breaches occurs during the IT recycling process.  I see healthcare organizations routinely hand over laptops, PCs and servers loaded with hard drives to electronic recyclers.    

My company is a NAID Certified for hard drive destruction, performs HDD shredding onsite while the client watches and carries professional liability insurance to cover Breach Notification...helping organizations comply with HIPAA.  Still, we lose business to electronic recyclers because the person responsible for discarding old IT equipment doesn't understand the "authorized access" or doesn't have the $5.00 budget to shred a hard drive.
User Rank: Apprentice
11/18/2013 | 3:23:45 PM
Re: Too Small to Fail?
Thanks for pointing out how much human error is involved in major medical data breaches, Alex. One of the most senseless (IMO) and avoidable problems seems to come from lost laptops. It would be easier to avoid breaches if employees (or contractors, in many cases) don't see fit to haul valuable data off site. Some simple rules made by IT might help.
Alex Kane Rudansky
Alex Kane Rudansky,
User Rank: Author
11/18/2013 | 9:52:56 AM
Re: Too Small to Fail?
Thanks for your comment, Alison. You're right - government agencies are stretched very thin. I wonder if the rapid adoption of EHRs (and resulting increased chance of leaks/breaches) will cause the government to beef up their HIPAA enforcement efforts in years to come.
Alison Diana
Alison Diana,
User Rank: Moderator
11/18/2013 | 9:40:51 AM
Too Small to Fail?
Small doctor offices are not under the radar. Often, disgruntled patients or (ex) employees will report them to officials, according to articles I've read about smaller providers that have been fined for abusing HIPAA. Government agencies are always stretched thin; the public is not -- and no service provider ever has 100% satisfaction! As your article says, a lot of times breaches come down to human error, not technology. A clerk leaves papers on a desk; a receptionists discusses a patient in a waiting room, or a doctor loses her phone. 

Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.