Healthcare organizations have access to very personal information, including patients’ finances and their health records. Unfortunately, hacks into these databases occur more often than some think.
According to credit.com, 43% of all identity theft involves medical records and data. The consequences of having one’s medical identity stolen can result in cancelled policies or increased premiums. In some cases, a person’s health may be at risk, if medical information is altered.
The Health Information Technology for Economic & Clinical Health (HITECH) Act of 2009 has strengthened information privacy and security for healthcare organizations. As a result of the act, a breach must be reported after the impermissible use or disclosure of protected health information. HITECH also increased fines and penalties for a breach from $50,000 to $1.5 million per violation. Third parties with access to patients’ medical data are also liable for data breaches. Training and awareness programs are also required under HITECH to ensure data protection by employees.
Mobile devices increase the risk of a breach. A mobile device security policy dictates how employees are to safeguard data. Encryption is key to supplementing protection on mobile devices. According to the Ponemon Institute, a written network privacy and security incident response plan can reduce the cost of a data breach by $17.
Summary by MedicalGroups.com
To read more from Property Casualty 360 click here