By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    headphones can create health problems
    The Harmful Health Effects of Using Headphones
    September 24, 2021
    Headache causes
    4 Causes Of Headache You Probably Didn’t Know About
    December 28, 2021
    follow these steps to recover from your injury
    What Steps Should You Take to Recover More Quickly from an Injury?
    April 12, 2022
    Latest News
    Beyond Nutrition: Everyday Foods That Support Whole-Body Health
    June 15, 2025
    The Wide-Ranging Benefits of Magnesium Supplements
    June 11, 2025
    The Best Home Remedies for Migraines
    June 5, 2025
    The Hidden Impact Of Stress On Your Body’s Alignment And Balance
    May 22, 2025
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    OTC Drugs Should Qualify as Medical Expense for Tax Purposes
    August 5, 2011
    ACOs
    ACOs and Patient Safety: Dos and Don’ts: Video
    May 15, 2012
    America Has A Health Care Paradox
    September 19, 2012
    Latest News
    Preventing Contamination In Healthcare Facilities Starts With Hygiene
    June 15, 2025
    Strengthening Healthcare Systems Through Clinical and Administrative Career Development
    June 13, 2025
    Building Smarter Care Teams: Aligning Roles, Structure, and Clinical Expertise
    May 18, 2025
    The Critical Role of Healthcare in Personal Injury Recovery: A Comprehensive Guide for Victims
    May 14, 2025
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Why Healthcare Should Sweat “The Small Stuff” When It Comes to Health Data Security
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Policy & Law > Why Healthcare Should Sweat “The Small Stuff” When It Comes to Health Data Security
Policy & LawTechnology

Why Healthcare Should Sweat “The Small Stuff” When It Comes to Health Data Security

Chris Hoffmann
Last updated: September 22, 2014 8:11 am
Chris Hoffmann
Share
5 Min Read
SHARE

In the five years since the passing of the 2009 HITECH Act, more than 30 million people in over 900 various cases have been affected by breaches of secure healthcare data.  The HITECH Act requires that HHS disclose to the SEC any incidents affecting more than 500 patients, but these numbers alone do not tell the whole story.  In a 2012 report to Congress, HHS disclosed that approximately 165,000 additional victims had been involved in ‘smaller incidents’ that fell below the 500 victim threshold.

In the five years since the passing of the 2009 HITECH Act, more than 30 million people in over 900 various cases have been affected by breaches of secure healthcare data.  The HITECH Act requires that HHS disclose to the SEC any incidents affecting more than 500 patients, but these numbers alone do not tell the whole story.  In a 2012 report to Congress, HHS disclosed that approximately 165,000 additional victims had been involved in ‘smaller incidents’ that fell below the 500 victim threshold.

In March, the Ponemon Institute, an independent organization focused on the research of privacy protection and data security, calculated that data breaches are costing the healthcare industry roughly $5.6 billion annually ─ and the Identity Theft Research Center reported that in 2013 healthcare data breaches accounted for almost half of major incidents reported across all industries (the first time healthcare has topped their list).

While 2014 data shows a downward trend in total costs of data breaches to health systems, since 2010 the number of attacks on healthcare systems has doubled.

More Read

mHealth Patient Care
Biologics in Spine Surgery
Fight on Fat
Thomas Jefferson University Hospitals Embrace Telehealth
How to Talk to Your Doctor to Change Prescription Medications
Can We Squeeze the Waste Out of Medical Education?

The Last 12 Months:

  • The turbulent rollout of public health insurance exchanges with many questioning the amount of focus dedicated  to ensuring their security
  • Discovery of the Heartbleed bug, which caused massive vulnerability across the Internet and sent millions of consumers scrambling to change their online login credentials
  • The theft of 4.5 million patient health records from Community Health Systems (CHS) made possible by Heartbleed.  This was the second largest breach of health records ever in the U.S. and has many in the healthcare industry fearfully anticipating future attacks made possible by information stolen through the vulnerability
  • Hackers successfully breach the Healthcare.gov website and leave behind malicious software.  Though no patient data was believed to be taken, many are worrying about further attacks as a new enrollment period approaches and the exchange is flooded with new patient information

Not all data breaches are achieved by web-based means, however.  Below are the seven incident categories for health data security breaches being tracked by HHS (Note that some incidents fall under more than one classification):

Data breach incident categories

Note: HHS also specifies the location of the breach, listing desktop computers, emails, electronic medical records, laptops, network servers, other portable electronic devices, and paper as possible vehicles.

What are criminals stealing?

  • Like the CHS incident, criminals are targeting social security numbers (which in turn are used to steal identities) and creating fraudulent credit cards, passports, and bank accounts
  • In other instances, the goal is electronic Protected Health Information (ePHI) or Electronic Medical Records (EMRs) which provide criminals with the information needed to fraudulently receive healthcare services under the guise of being insured – an $80 billion per year problem for the public insurance sector alone

We’re intrigued by the implications of healthcare data breaches and where best-in-class solutions can emerge to mitigate risk as our society ages and Medicare ranks swell, and as the volumes of newly insured patients seeking care and the related flow of information accelerates.  While this is often not a major topic of conversation in healthcare circles, data security and data privacy vulnerabilities represent a tremendous systemic risk and are becoming more of a threat as health data continues to become digitized.  In an upcoming report, TripleTree will assess some other potential but less obvious consequences of healthcare data security issues.  Until then, let us know what you think.

Written with Spencer Evenson.

TAGGED:data breachesHITECH ACT
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

healthcare facilities
Preventing Contamination In Healthcare Facilities Starts With Hygiene
Global Healthcare Infographics
June 15, 2025
from gut to glow
From Plate to Wellness: How Everyday Foods Nourish Your Body Inside and Out
Dental health Infographics Specialties
June 15, 2025
beyond nutrition
Beyond Nutrition: Everyday Foods That Support Whole-Body Health
Health Infographics
June 15, 2025
Transcranial Magnetic Stimulation (TMS) Therapy
How TMS Therapy Helps with Treatment-Resistant Mental Illness
Mental Health Therapies
June 13, 2025

You Might also Like

Making The Case for Behavioral Health Integration

March 18, 2016

The Quantified Self and the Most Perfect Gift in the Universe

August 22, 2013

Empathy in Health Care

July 12, 2013
ebola and EHR
eHealthMedical RecordsPublic Health

Ebola: Are We Relying on EHR to Tell the Story?

October 24, 2014
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?