Hacking and breaches of healthcare data continue to happen. The scale of the breaches are increasing as well. According to an article over at Data Breach Today, 143 million individuals have had their healthcare related information breached. 70% of the 143 million breached records have occurred just in 2015.
Healthcare organizations are not making security of protected health information (PHI) a priority. Many organizations are in denial that they could be a target. But the reality is that PHI is very valuable and cyber criminals want to get their hands on as much PHI as possible. Whether it is 80 million records from Anthem or 10,000 records from a small medical practice, thieves have set their sights on healthcare data.
While hacking and hackers need to be a major concern for healthcare organizations, other types of breaches should be on the radar as well. Lost or stolen laptops and USB drives are a leading cause of breaches. Organizations need to protect information on portable devices. The use of encryption to protect data on portable devices is increasing but still lacking in most organizations.
Healthcare organizations need to worry about HIPAA compliance but they also need to worry about security of the data. HIPAA compliance and data security should go hand in hand but many times organizations are only concerned with the appearance of compliance. They worry about government fines but have little concern for implementing the necessary security safeguards to protect patient information. Until the mindset switches from check-box compliance to securing PHI, the number of breached records will continue to climb.
Free HIPAA Security Training!
All Covered Entities and Business Associates need to train their employees on HIPAA security. We now offer free online HIPAA security training for Covered Entities and Business Associates. Find out more about our free training and send the information to ALL your colleagues and Business Associates.
Now it is easy to train your employees on protecting patient information!