According to the Ponemon Institute’s 2011 Benchmark Study on Patient Privacy and Data Security, data security breaches cost the U.S. healthcare industry an estimated $6.5 billion a year, up 10 percent from last year. About 29 percent of the providers reported that one consequence of data breaches was medical identity theft.
The major causes of healthcare data breaches include lost or stolen devices (nearly 50 percent), third party/business associate mistakes (46 percent) and unintentional employee actions.
The prevalence of business associates as the source of a data breach highlights the importance of vetting your vendors thoroughly for HIPAA compliant hosting. Although a vendor passing a HIPAA audit of their own does not make your organization completely compliant, it does mean your data hosting solution and provider have the proper technology, policies and procedures in place to protect your company from a data breach.
The use of mobile devices in the healthcare industry is another contributor to data loss – while 80 percent are using them to gather, transmit and store patient information, half of them are not securing them.
How can your organization secure sensitive protected health information (PHI) during transfer, storage and transmittal? Online Tech recommends data encryption, virtual or dedicated firewalls, offsite backup and antivirus to meet HIPAA/HITECH standards and keep data safe.
The study also reports that fifty-five percent of respondents agreed that concerns about the ongoing HIPAA audits enforced by OCR and the onsite investigations have affected changes in their patient data privacy and security policies and procedures.
What are the consequences of a data breach that healthcare organizations must suffer?
How are these data breaches discovered?
Although investing in the proper HIPAA compliant technology, policies and procedures can be a costly, time-consuming process, the study also shows that healthcare organizations are at risk of non-compliance, based on their current practices. The study also shows a significant financial loss and other serious consequences that can negatively impact business survival.
Need more HIPAA hosting information and recommended best practices to meet compliance? Answer questions like "What services from Online Tech help make me compliant?" and "What's the best way to encrypt PHI?" in our informative HIPAA FAQ. Or read up on a few HIPAA hosting case studies that detail real companies with real HIPAA challenges, and their solutions that helped them be successful today.