Impact and Implications of health Care Data Breaches

Impact and Implications of health Care Data Breaches

Data breaches in the Health Care Delivery Systems cost more to remediate than in other sectors. This may be because such incidents affect Thousands of people. Experts advocate fast response to Cybersecurity breaches is important.

On March 19, 2015, Health IT Security reported that the “Associated Dentists in Minnesota are notifying patients that their information may have been compromised” due to recent “incident in which two laptops were stolen.” In this incident, “one of the devices was encrypted, while the other was password-protected but not encrypted.” The report said the information on the devices included: “Names, Addresses, Birthdays, and Social Security numbers. It was also believed that such information that may have been compromised “included: Email addresses, Diagnosis, Insurer names and policy numbers, Physician names and information, and Procedure and billing information.”  Health IT Security reported that about “500 individuals’ information may have been affected.” “Under HHS rules, such notification is required if the breach affects at least 500 individuals” (Snell, Health IT Security, 5/19).

Another health care data breach was reported by Health Data Management on November 2013. Beacon Health System in Indiana notified that “220,000 patients were affected due to unauthorized multiple access at the delivery system via phishing attack” The attack affected two hospitals and affiliated physicians. According to iHealthBeat.com, the following information were compromised: “Names, Birthdays, Diagnosis, Driver’s license numbers, Patient Identification numbers, Physician names, Service dates, Treatments, Patient statuses, and other medical information”

Also on February 19, 2014, Health IT Security reported that Buffalo Heart Group in New York notified of breach in information as a result of unauthorized third party access to health information. The compromised information included: Addresses, Appointment schedules, Bill information, Dates of birth, Names; and Telephone numbers.

Unity Recovery Group notified the state’s attorney general on April 2014 of a data breach as a result of unauthorized disclosure of patient’s personal information. The information breach related to: Names, Addresses, Dates of birth, E-mail addresses, Insurance Information, health-related information, telephone numbers and Social Security numbers (iHealthBeat.org.2015, June 1).

Further, Consolidated Tribal Health Project in California, Jersey City Medical Center in New Jersey (1,400 patient’s information were accidentally sent in spreadsheet to an unauthorized recipient), New York City health and Hospitals (90,000 patients health information were compromised when a former staff transferred files that contained protected health information to her personal email account (Becker’s Health IT & CIO Review, beckershospitalsreview.com, 2015, May- 21).

The impact of these health data breaches is rising cost of health care delivery. For example, according to iHealthBeat.org (2015 May-29), in a study released by Ponemon Institute (Modern Healthcare), “the cost of a health care data breach is $363 per exposed personally identifiable record, as compared to $154 per exposed record across all industries.” The implication is that health care goes beyond the reach of the common man.

The remedy is for better risk/threat management. Information Security Personal in the Health Care Delivery System have to ensure that the InfoSec policy, regulations, and procedures are constantly being followed. In addition, with the increasing innovation in IT network devices, applications, resources and migration to mobile platforms in the medical sector, there’s need for health care providers to involve IT Security Professionals and Managers to help plan, manage and secure their systems and operations from attacks.   

References

Newly reported Health Care Data Breaches Could Affect Thousands. June 1, 2015. December 18, 2015. Retrieved from: http://www.ihealthbeat.org/articles/2015/6/1/newly-reported-health-care-data-breaches-could-affect-thousands

Elizabeth, Snell. Possible Health Data Breaches from Theft, Unauthorized Access. May 19, 2015. December 18, 2015. Retrieved from: http://healthitsecurity.com/news/possible-health-data-breaches-from-theft-unauthorized-access

Becker’s Health IT & CIO Review. May 21, 2015. December 18, 2015. Retrieved from: http://www.beckershospitalreview.com/healthcare-information-technology/new-york-city-hhs-reports-possible-phi-disclosure-of-90-000-patients.html