By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Protected Health Information Security: You Should Be Worried
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Medical Records > Protected Health Information Security: You Should Be Worried
BusinessMedical RecordsPolicy & Law

Protected Health Information Security: You Should Be Worried

philcsolomon
philcsolomon
Share
5 Min Read
Protected Health Information
SHARE

Protected Health InformationIt seems like every day, we hear another story in the news about a breach of security that caused personal health information and financial information to be lost or stolen by hackers and thieves.

Protected Health InformationIt seems like every day, we hear another story in the news about a breach of security that caused personal health information and financial information to be lost or stolen by hackers and thieves.

With the increasing incidences of healthcare related breaches, providers must become more diligent in securing protected health information (PHI).

The HITECH Act, implemented and enforced by HHS, CMS, and OCR, and recently updated and finalized in the HIPAA Omnibus Rule seems to be having a slight positive impact on security. Even though payers and providers have stepped up their game securing data; the risks for data loss are still present.

More Read

Healthcare In Rural Ameica
Improving Access To Healthcare In Rural America
How To Increase Patients? Think Like A Patient (5 Quick Ideas)
Fiscal Cliff Dwellers: Don’t Forget, You Could Always Beef Up IPAB
4 Important Ways Healthcare Technology Improves Your Patient Care
Look Out For These Key Signs Of Healthcare Fraud Targeting Seniors

According to Redspin, a healthcare IT security firm, there has been an explosion of protected health information security incidents over the past five years. For example, the following is a summary of healthcare breach highlights from 2009 through 2013:

– 804 breaches of protected health information since 2009
– 29,276,385 patient health records affected by breach since 2009
– 7,095,145 patient health records breached in 2013
– 137.7% increase in the number of patient records breached in 2012-2013
– 85.4% of the total records breached in 2013 resulted from the 5 largest incidents
– 4,029,530 records breached in the single largest incident
– 83.2% of 2013 of patient records breached in 2013 resulted from theft
– 22.1% of breach incidents in 2013 resulted from unauthorized access
– 35% of 2013 incidents were due to the loss or theft of an unencrypted laptop or other portable electronic device
– 20% of protected health information (PHI) breaches have involved a business associate each year from 2009-2013

The Annual Report to Congress on Breaches of Unsecured Protected Health Information for 2011 and 2012 identified the type of breaches, the causes of data breach and the source of data breaches. They are listed in order as follows:

Breaching Entity
1. Providers
2. Business Associates
3. Health Plans

Causes of Data Breach
1. Theft
2. Loss of PHI
3. Unauthorized Access
4. Hacking/IT incident

Sources of Breach
1. Laptop
2. Paper
3. Server
4. Desktop Computer
5. Other Portable Device
6. Email
7. Electronic Medical Records
8. Other

Here are some steps to protect patient’s health records and data in your organization:

1. Provide security awareness and privacy education training for your staff
2. Review and update your physical security and access control policies
3. Update the controls to protect networks to ensure safeguards against unauthorized users accessing PHI through such mechanisms as:
– Computer auto-locking and screen saver locks
– Unique usernames and password protection
– Extensive logging of computing activity
4. Physical access controls that include, but are not limited to the use of:
– CCTV coverage 24×7
– Proximity badge access and logging controls
– Periodical review of access rights and reconciliation
5. Incident Response
6. Adherence of Red Flag Rules
7. Develop a comprehensive incident response program to ensure proper and prompt identification of potential threats to physical and data network
8. Train the staff on proper notification channels if patient information compromise
9. Perform internal quarterly security risk assessments to ensure ongoing compliance and gap remediation between evaluation periods
10. Contract with a third-party security firm annually to perform a security assessment

More entities are following the advice of experts and updating (or creating) their security risk mitigation strategies for protected health information to secure their data and prevent breaches from occurring in the future. Let’s hope the results in 2014 shows a decline of security events. If so, I think we’ll all sleep better at night.

TAGGED:HITECH ACTPrivacysecurity
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

Nurse Scheduling Software
Evaluating 7 Best Nurse Scheduling Software
Nursing Technology
October 28, 2025
contamination
Batch Failures And The Hidden Costs Of Contamination
Health Infographics
October 21, 2025
Medication Management For Seniors
Simplifying Medication Management For Seniors
Infographics Senior Care
October 21, 2025
Guide To Pursuing a Career in Nursing as a Foreigner in the USA
Collaboration Is the Prescription for Better Patient Care
Health
October 20, 2025

You Might also Like

Health careHealth ReformSpecialtiesWellness

Recognizing When You Are Enabling A Person Struggling with Addiction

October 27, 2017
password management for healthcare companies
BusinessHospital Administration

5 Crucial Password Management Questions for Healthcare Providers

November 5, 2020
health care management
BusinessFinanceHospital Administration

3 Tips for Great Health Care Management

March 13, 2015

Repeal and Do What Exactly?

March 31, 2012
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?