By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    superfoods to help with prostate health
    10 Healthy Foods That Can Help Protect Your Prostate
    August 29, 2022
    recover from an acl injury
    Best Exercises to Rehab a Torn ACL Without Special Equipment
    November 29, 2022
    medical practice and technology advancement
    6 Essential Strategies for Improving Your Medical Practice
    January 25, 2023
    Latest News
    7 Most Common Healthcare Accreditation Programs: Which Should You Use?
    August 20, 2025
    Hospital Pest Control and the Fight Against Superbugs
    August 20, 2025
    Hygiene Beyond The Clinic: Attention To Overlooked Non-Clinical Spaces
    August 13, 2025
    5 Steps to a Promising Career as a Healthcare Administrator
    August 3, 2025
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    Heart Attacks & Hospitalization in CA
    June 16, 2011
    1309953786_9781780660004-web_w185_h300
    Possibly the Best #Health Advice You Could Get!
    March 2, 2012
    Is a Government Takeover of Health Care Underway?
    August 1, 2011
    Latest News
    How Social Security Disability Shapes Access to Care and Everyday Health
    August 22, 2025
    How a DUI Lawyer Can Help When Your Future Health Feels Uncertain
    August 22, 2025
    How One Fall Can Lead to a Long Road of Medical Complications
    August 22, 2025
    How IT and Marketing Teams Can Collaborate to Protect Patient Trust
    July 17, 2025
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Healthcare Data Security: How Bad is it?
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Business > Healthcare Data Security: How Bad is it?
BusinessTechnology

Healthcare Data Security: How Bad is it?

RobertLambert
RobertLambert
Share
4 Min Read
SHARE

It is really bad, according to a recent survey by the Ponemon Institute (available here with registratio

It is really bad, according to a recent survey by the Ponemon Institute (available here with registration). The white paper, entitled Health Data at Risk in Development: A Call for Data Masking, presents the results of a survey of 492 health care IT professionals on their companies’ practices regarding use of live personal health care data in application testing.

It makes a scary read.  Here are the lowlights:

  • 57 percent of respondents say “their organizations use patient billing and insurance information in development and test of IT applications.”
  • 57 percent responded that their company “does not protect real data used in software development and testing.”
  • Many respondents “admit real data used in the testing and development environment has been lost or stolen.” “Thirty-eight percent say they have had a breach involving real data and 12 percent are uncertain.”

The white paper lists a litany of health care data transgressions like those above, then reviews the stiff legal penalties associated with health care data security breaches, which can be as high as $250,000 per violation.

More Read

Medical Device Marketing, Medical Technology Marketing, Online Marketing
Marketing Medical Devices to Consumers, Not Patients
Despite Botched ObamaCare Rollout, Public Still Trusts Democrats on Healthcare
PQRS: Alphabet Soup with Little Meaning
Telemedicine Robots Let Doctors “Beam” into Hospitals
Health IT, Necessary But Not Sufficient: A HiMSS14 Interview with Farzad Mostashari

The paper ends with these recommendations:

  • Assign a Chief Information Security Officer (CISO) “for the safeguarding of real data used in application testing and development.
  • “Create policies and procedures for the protection of real data used in application testing and development.
  • “Educate employees about the importance of protecting sensitive data in application testing and development.
  • “Use encryption, data leak prevention, access management, and other information security technologies.
  • “Use de-identified, masked, or dummy data rather than live data in the test and development process.”

Certainly all of these measures can be valuable, and to this list I would add a seventh recommendation from a recent article: “background checks and non-disclosure agreements for developers and testers as with health care staff and claims administrators.”

I believe that most organizations by now consistently apply education, encryption/physical security, and background checks. The current strategy of choice seems to be having trustworthy individuals work in a secure, encrypted environment.

When organizations move beyond this prevailing strategy, they must do so in a way that promotes rather than inhibits IT productivity.  According to Data Architect Cameron Snapp, “not only do businesses have to establish these policies (and get the developers to follow them), but they also should provide effective infrastructure, data accessibility, processes, and tools that enable application staff to follow them. For example, if an organization masks production personal health data for use in test, then it must accurately mimic production.  Otherwise test cases might fail even though the application works as designed!” Cameron advises that “security is two-leveled: organizations must establish policies and regulate adherence, but also enable productivity with processes, tools, and actionable data that doesn’t inhibit progress.”

Hopefully recent highly publicized breaches in the financial world will drive information security to the C level of the organization and mandate effective masking tools in application development and test.

TAGGED:Data ManagementInformation SecurityInformation TechnologyPrivacy
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

travel nurse in north carolina
Balancing Speed and Scope: Choosing the Nursing Degree That Fits Your Goals
Nursing
September 1, 2025
intimacy
How to Keep Intimacy Comfortable as You Age
Relationship and Lifestyle Senior Care
September 1, 2025
engineer fitting prosthetic arm
How Social Security Disability Shapes Access to Care and Everyday Health
Health care
August 20, 2025
a woman explaining the document
How a DUI Lawyer Can Help When Your Future Health Feels Uncertain
Public Health
August 20, 2025

You Might also Like

Hospital Infection Rates Decreasing

November 8, 2011
Patient Centered Health Care
Hospital Administration

What Sets PCMH Apart from Other Healthcare Models?

April 23, 2013

The Cost of Quality Medical Supplies

December 2, 2015

Hospitals Push Hard for Medicaid Expansion

May 2, 2013
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?