A visit to the doctor can be stressful for just about everyone, but take into account patient security, and a whole new level of stress is added to the situation. Researchers have found that the number of medical data breaches in the United States increased between 2010 and 2013.
Of the 949 breaches reported to the Department of Health and Human Services (HHS) during this time period, six of the breaches affected over 1 million patient records. This year alone, over 90 million people were harmed by medical breaches. Researchers have found that electronic media, such as mobile devices and laptops, were the most common source of data loss. Lost devices and improper disposal of data accounted for 11% of the breaches while breaches from hacking or unauthorized access are estimated to be at 27% percent. It is likely that many smaller breaches have not been reported.
Hackers and criminals are attracted to the wealth of medical data that is now stored electronically. Medical information collected by a provider or health insurer can include anything from your name and birthday, to your social security number and health plan identification number. A complete health record can go for up to 10 times more than credit card information on the black market. Hackers sell this data to criminals who then use the data to commit identity theft, file false insurance claims, or obtain prescription drugs.
Now the healthcare system is struggling to deal with the effect these breaches can have on the patient’s participation. Patients that are concerned about the safety of their data may be less willing to share their personal information with their providers. This decision will not only affect the completeness of their health information, but it will affect the healthcare industry as a whole, hindering research and performance measurements.
Strategies to alleviate the issues of data breaches are essential to ensuring the well-being of patients and healthcare systems. However, healthcare in the United States includes a wide variety of unique and complicated organizations. These organizations could be anything from a one physician practice to a community hospital or clinic. Each of these organizations will need to come up with a plan that works with their own system and patients.
Electronic health records were designed to make the healthcare process easier for both providers and their patients. However, if patient data is not safe in these systems, EHRs will lose their value. By encrypting medical data and preventing employees from storing private patient information on their personal electronics and mobile devices, practices can do their part to prevent breaches in the future. Policymakers may also want to review the Health Insurance Portability and Accountability Act in order to make the necessary adjustments to protect patient information.
Author: Lauren Daniels