Health Data Management is reporting a disturbing security breach at the University of Kentucky: a laptop computer containing medical records for more than 2000 individuals was stolen from a locked room. The theft occurred in June, and so far there is no evidence that the records have been used for nefarious purposes - or even that the records have been accessed - but the fact remains that names, medical records, and in some cases Social Security numbers have been stolen.
Preventing patient data breaches is the number one priority for healthcare IT workers. A vast majority of hospitals are spending more money on security in 2010 than they did in 2009 in order to comply with HIPAA and HITECH regulations. The decision to put the Protected Health Information on a laptop computer and the failure to encrypt the laptop will inevitably cost the University of Kentucky hundreds of thousands of dollars in HIPAA fines, in addition to the costs of offering credit and identity protection to the individuals whose personal information was stolen. This once again emphasizes the importance of investing in strong HIPAA compliance processes, policies and training. A relatively small expense early on can help avoid the much larger risks in the future. We'd love to know what others think about this. How concerned are you about data breaches in this environment? What kind of steps has your organization taken to be prepared?
Preventing patient data breaches is the number one priority for healthcare IT workers. A vast majority of hospitals are spending more money on security in 2010 than they did in 2009 in order to comply with HIPAA and HITECH regulations.
The decision to put the Protected Health Information on a laptop computer and the failure to encrypt the laptop will inevitably cost the University of Kentucky hundreds of thousands of dollars in HIPAA fines, in addition to the costs of offering credit and identity protection to the individuals whose personal information was stolen. This once again emphasizes the importance of investing in strong HIPAA compliance processes, policies and training. A relatively small expense early on can help avoid the much larger risks in the future.
We'd love to know what others think about this. How concerned are you about data breaches in this environment? What kind of steps has your organization taken to be prepared?
Meaningful Use Stages 2 and 3 in the works
The Health IT Policy Committe - the federal advisory committee responsible for making recommendations to the National Coordi...
Healthcare Costs Expected to Increase by 11% in 2011
A new survey by Aon Consulting is anticipating healthcare costs to rise between 10.5 and 11% in 2011, as reported by Becker'...
Worried about EHR impact on efficiency? How will you measure it?
People on the front lines of care tend to immediately jump to the very reasonable concern that implementation of a new EHR w...
Steps to Choosing an EHR - excerpt from a Vendor Site
We see many web sites and articles from software vendors and consultants. The quality can be pretty varied but we often see ...
EHR Drivers - the Frost & Sullivan report is interesting but perhaps things are more straight forward?
A recent Frost & Sullivan report predicts the EHR market will double from $1.3 billion to $2.6 billion between 2009 and 2012...