Preventing EHR data breaches

Focus should be on file storage, transmission and destruction

Large data breaches involving sensitive patient information are, unfortunately, all too common, and with more and more healthcare organizations using electronic health records (EHRs), companies need to be very concerned about the protection of their data.

According to George Hickman, board chair of the College of Healthcare Information Management Executives (CHIME) and Albany Medical Center CIO in Albany, N.Y., “Since 2009, healthcare organizations have reported 385 breaches affecting more than 19 million patient records. Three of the top five all-time breaches since August 2009 have involved business associates - entities that providers rely on, such as vendors, suppliers, consultants and contractors. In fact, 59 percent of all breaches have involved business associates.”

Greg Bartels, president and CEO of IPS, a Secaucus, N.J., company that helps companies digitize their various business processes by eliminating paper, said that while EHRs are important to today’s healthcare organizations, the way in which the information is digitized and transported is vital.

“With people who can hack into the system, you have to have a layer of security on the infrastructure (the networks) side of it that is extremely strong,” said Bartels. “There should also be security on who has access to the data in the system so not just anyone working can come in and transfer the data onto another device.”

Robert Shaughnessy, chief technology officer at Circadence, a WAN optimization company in Boulder, Colo., said it’s important that sensitive data sent from one place to another over a network be extremely secure at the endpoints.

“One of the things to note when it comes to EHR is why they’re being put into that format to begin with – it’s not just for ease of storage but also for access. One of the qualities of the best care is access to care. The ability to maintain that security while doing that is essential,” said Shaughnessy. “A lot of information we deal with is actual raw information like patient studies that have to be carefully dealt with. Our software is designed to maintain that security.”

Data encryption on all devices – including mobile devices such as smartphones and iPads – is also key because so many data breaches come from stolen or lost laptops and phones, said Sean Glynn, vice president of marketing at Credent, a data encryption company in Addison, Tex.

“At least a third of data breaches are from lost or stolen data at the endpoints, such as backup drives, laptops and mobile devices,” said Glynn. “There are significant penalties from the government in case of a breach. With encrypted data, there’s no need to pay fines, you just replace the hard drive of the device.”

When it comes time for a healthcare company to upgrade its electronic equipment, it’s important that all sensitive data be removed or destroyed securely from all devices, said Steve Skurnac, president of Sims Recycling Solutions, a nationwide e-recycling company.

“There are many laws with how patient data must be protected when it comes to the recycling or disposing of electronic devices like laptops and printers. HIPAA rules are specific,” said Skurnac. “We stress from the recycling point of view that data is still residing on hard drives of servers or laptops or printers, etc. We encourage companies to make sure that any electronic recycling vendor they pick is somehow guaranteeing the destruction of their data.”