Healthcare Data at Risk
eWeek's Brian Horowitz recently discussed an American survey that revealed that the healthcare industry suffers the most when it comes to breaches:
A total of 113 healthcare facilities have been hit with data breaches in 2010, compared with only 39 banking/finance firms, according to a July 28 report by the Identity Theft Resource Center.
This certainly doesn't make the road to Electronic Medical Records very easy. Not too long ago I interviewed with Mark Marotta of the Therapy Times and we discussed the risk and rewards of EMRs:
Logan says the transition to EHRs is probably going to take longer than people want, and it will probably occur in states like California or New York, which have the most to gain. “There will be a transition period which could be painful for folks who live in rural areas,” he adds.
Along the way, Logan predicts, there will be stumbles in the form of data breaches that will cause people to say that computerizing healthcare information is unsafe. Nicholls-Sharp says it is important for practitioners to make sure the EHR systems they select meet the standards of the Healthcare Insurance Privacy and Accountability Act in terms of ensuring patient privacy and security. “It’s complex enough that you probably should have someone – if you’re a private practitioner – take a look at the different aspects to make sure you’re compliant,” advises Elrod.
The good news, Logan says, is that many products to ensure data security are already on the market. He adds that the healthcare field can also leverage the knowledge that has been developed by financial services or the government, which are experienced in dealing with these issues.
“It’s an area where there are a lot of best practices available. It’s going to be more about understanding and learning what those best practices are and then trying to apply them to their environments in a smart way. I think it’s very doable. It’s just a question of starting down the path, thinking it through a little bit, and working through it in a reasonable time frame. It’s not going to be overnight, but it shouldn’t take 20 years, either. It should be one to five years. There should be a fair bit of progress, especially with smaller providers, since they don’t have huge investments to retool,” says Logan.
And of course we'll be there to protect EMRs every step of the way.