Posts Tagged ‘healthcare data security’

Guest Post: A Report on Healthcare Data Security & Privacy Compliance

July 26th, 2018 by Gary Palgon

Privacy and security regulations for enterprise data in healthcare organizations are complex and current efforts to bolster enterprise data compliance among all organizations, including those in healthcare, are immature and ineffective, according to a recent study conducted by Aberdeen, an industry analyst firm.

In fact, 86 percent of 112 hospitals and hospital groups in the study are dealing with multiple types of data and data-related processes that are subject to compliance requirements. This is not surprising because healthcare organizations generate, collect, store and manage financial transactions, personally identifiable information, protected health information, employee records and confidential or intellectual property records such as partnership agreements and contracts.

When asked if their organizations were compliant with 11 common regulations and frameworks for data privacy and security, only 65 percent reported achievement. PHI has the highest percentage of compliance reported—85 percent. The lowest compliance rates were reported for ISO 27001 and the General Data Protection Regulation at 63 percent and 48 percent respectively.

To measure the maturity of healthcare organizations’ efforts to comply with privacy and security requirements for data, Aberdeen developed a Net Maturity Index across six key elements of an enterprise data lifecycle. An index score above 50 percent indicates strong maturity in compliance activities and below 50 percent indicates immaturity.

Managing data, which includes normalizing, cleansing, validating and correlating data, earned a 66.6 percent score for healthcare respondents, the only element that indicated maturity. Scores for other key elements were:

  • 49 percent for storing data—persistent, on-demand, self-service access to data;
  • 41.2 percent for protecting data—encryption, tokenization;
  • 33.4 percent for syndicating data between any two applications—including mobile, connected devices, on-premises or cloud;
  • 25.4 percent for ingesting data into a common repository—cloud-based, data lakes; and
  • 3.9 percent for integrating data from multiple sources—disparate sources, formats and protocols

The immaturity of the data lifecycle and associated enterprise data compliance efforts has real-world consequences for healthcare entities. Four out of five (81 percent) study participants reported at least one data privacy and non-compliance issue in the past year, and two out of three (66 percent) reported at least one data breach in the past year.

Investment in data compliance efforts is not lacking. A median of 37 percent of the overall IT budget of healthcare survey respondents is allocated to data compliance activities. This is a significant amount of funding to still experience data breaches, data compliance issues and low percentage of achievement of compliance with multiple enterprise data security and privacy regulations. When compared to respondents from life science and other industries, healthcare respondents reported the highest percentage of the IT budget devoted to data compliance.

The survey also indicated that healthcare organizations are more likely than organizations in other industries to have instituted compliance-specific governance processes and appointed specialized leadership such as data protection officers, compliance officers or chief risk officers, to oversee enterprise data compliance initiatives. While these are often considered to be best practices for achieving data compliance, still less than half of all healthcare organizations have instituted these approaches. Having specialized leadership is one of the most likely ways to effectively address enterprise data security and privacy compliance issues but it may also present further complications. Although the role may be assigned to an individual, the task of ensuring compliance with multiple regulations that evolve and change along with new technology and the addition of new data sources, requires an expertise that is difficult to achieve and oversee by one person who probably wears multiple hats in the organization.

One solution to the complex, challenging task of achieving data security and privacy compliance is the use of third-party providers who can address the healthcare organization’s need to enhance integration, management and storage of data. Providers who are experts at data management and integration but also provide the added value of the expertise needed to ensure compliance with regulatory requirements affecting data will offset some of the burden on hospital staff. The solution is not a simple application or a one-off project. Achieving and sustaining compliance with data privacy and security rules as they evolve is an ongoing effort.

The study also points to the need to better manage financial investment in compliance strategies. One option for healthcare organizations is managed services agreements with data management and integration providers. Switching to a predictable, monthly fee versus periodic capital investment or ongoing efforts that are ineffective frees IT funds to be used to advance other hospital goals.

Although many healthcare organizations do not consider outsourcing some of their data management, integration and compliance challenges, but choosing a partner wisely—one with expertise in healthcare as well as other data-centric industries with multiple privacy and security requirements—can reduce the compliance burden on an already overworked hospital IT staff and make funds available to continue digital transformation or other strategic initiatives.

Read the overall survey report here: Enterprise Data in 2018: The State of Privacy and Security Compliance

Read the brief on results for healthcare organizations here: Enterprise Data in 2018: The State of Privacy and Security Compliance in Healthcare

About the Author:

Gary Palgon

Gary Palgon

Gary Palgon is vice president of healthcare and life sciences solutions at Liaison Technologies. In this role, Gary leverages more than two decades of product management, sales, and marketing experience to develop and expand Liaison’s data-inspired solutions for the healthcare and life sciences. His unique blend of expertise bridges the gap between the technical and business aspects of healthcare, data security, and electronic commerce.

Infographic: Protecting Patient Data in Today’s Digital Healthcare World

April 19th, 2017 by Melanie Matthews

The healthcare industry continues to ride the digital wave to improve patient care and organizational efficiency while reducing costs. Hospitals and health systems are relying on electronic health records, the cloud, and the Internet of Things (IoT) more than ever. While these technologies are convenient, efficient, and enable a higher degree of patient-centric care, they can be jeopardized by cybercriminals, according to a new infographic by Fortinet.

The infographic examines how healthcare organizations can protect their patients’ data in a digital healthcare landscape.

2016 Healthcare Benchmarks: Data Analytics and IntegrationThe 2016 Healthcare Benchmarks: Data Analytics and Integration assembles hundreds of metrics on data analytics and integration from hospitals, health plans, physician practices and other responding organizations, charting the impact of data analytics on population health management, health outcomes, utilization and cost.

2016 Healthcare Benchmarks: Data Analytics and Integration examines the goals, data types, collection processes, program elements, challenges and successes shared by healthcare organizations responding to the January 2016 Data Analytics survey by the Healthcare Intelligence Network. Click here for more information.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: Is Your Healthcare Data Safe?

December 12th, 2016 by Melanie Matthews

Data loss from U.S. hospitals, urgent care centers, dental practices and clinics is reaching epidemic proportions, according to a new infographic from safetica. Last year the confidential records of one-in-three healthcare patients in the United States were compromised. But what are the costs and causes of data breaches—and how can they be prevented?

The infographic examines the impact of data breaches, the cost of a data breach and a checklist to compare your organization’s data security practices against recent HIPAA case law.

Is Your Patient Data Protected?

2016 Healthcare Benchmarks: Data Analytics and IntegrationThe 2016 Healthcare Benchmarks: Data Analytics and Integration assembles hundreds of metrics on data analytics and integration from hospitals, health plans, physician practices and other responding organizations, charting the impact of data analytics on population health management, health outcomes, utilization and cost.

2016 Healthcare Benchmarks: Data Analytics and Integration examines the goals, data types, collection processes, program elements, challenges and successes shared by healthcare organizations responding to the January 2016 Data Analytics survey by the Healthcare Intelligence Network. Click here for more information.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today. Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: Hidden Encrypted Threats Impact Healthcare

November 11th, 2016 by Melanie Matthews

Healthcare organizations are increasingly targeted by cyber criminals seeking to steal electronic protected health information, electronic health records, personally identifiable information and other confidential patient data, according to a new infographic by A10.

The infographic examines the healthcare cyber threat, the need for SSL, why healthcare organizations have been slow to adopt SSL and the top SSL decryption tools.

2016 Healthcare Benchmarks: Digital HealthPerson-centric health management is slowly acknowledging the device-driven lives of patients and health plan members and incorporating these tools into care delivery and management efforts.

2016 Healthcare Benchmarks: Digital Health examines program goals, platforms, components, development strategies, target populations and health conditions, patient engagement metrics, results and challenges reported by healthcare organizations responding to the February 2016 Digital Health survey by the Healthcare Intelligence Network.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: Healthcare IT Needs A Data Checkup

October 24th, 2016 by Melanie Matthews

Medical technology, devices, robotics and procedures are moving at an astounding rate, ushering us into an innovative new era of healthcare, according to a new infographic by NaviSite. However, healthcare IT infrastructure, data management, security and access are not keeping pace.

The infographic examines technology use in healthcare, patient expectations and patient privacy and security challenges.

2016 Healthcare Benchmarks: Data Analytics and IntegrationThe 2016 Healthcare Benchmarks: Data Analytics and Integration assembles hundreds of metrics on data analytics and integration from hospitals, health plans, physician practices and other responding organizations, charting the impact of data analytics on population health management, health outcomes, utilization and cost.

2016 Healthcare Benchmarks: Data Analytics and Integration examines the goals, data types, collection processes, program elements, challenges and successes shared by healthcare organizations responding to the January 2016 Data Analytics survey by the Healthcare Intelligence Network. Click here for more information.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: The Healthcare Security Challenge

October 21st, 2016 by Melanie Matthews

The role of IT in healthcare delivery has expanded dramatically in just the last few years—and so has the threat from data thieves. A single, stolen healthcare record is worth hundreds of dollars on the black market—creating an estimated $6 billion cybersecurity problem for the industry as a whole, according to a new infographic by NaviSite.

The infographic examines the latest data on the healthcare security problem and a seven-step plan for protection.

2016 Healthcare Benchmarks: Digital HealthPerson-centric health management is slowly acknowledging the device-driven lives of patients and health plan members and incorporating these tools into care delivery and management efforts.

2016 Healthcare Benchmarks: Digital Health examines program goals, platforms, components, development strategies, target populations and health conditions, patient engagement metrics, results and challenges reported by healthcare organizations responding to the February 2016 Digital Health survey by the Healthcare Intelligence Network.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: The Year of the Healthcare Data Breach

January 1st, 2016 by Melanie Matthews

The healthcare industry has become a high-profile target for cyber criminals. For the first half of 2015, healthcare ranked #1 in terms of notable incidents of records compromised, with nearly 34 percent of all records compromised across all industries, according to a new infographic by IBM.

The infographic looks at the impact of healthcare data breaches and why healthcare data is so valuable.

Business Associate ManualBusiness Associate Manual is a template-style manual that can be easily adapted to align with your compliance needs as a business associate (BA). All content complies with the Omnibus Rule.

Specifically developed to help BAs meet complex privacy & security compliance requirements. The Business Associate Manual includes: 6 privacy policies; 30 security policies; 6 policies that address common requirements of both the privacy and security rules; 1 breach notification policy; and 4 forms and templates.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: Health Security in the Internet of Things

March 27th, 2015 by Melanie Matthews

With the growing trend toward the Internet of Things (IoT) in healthcare, including wearables, embedded devices and other health and wellness monitoring devices, there is no doubt that networked healthcare offers numerous benefits, not only to the individuals involved, but to the healthcare industry as a whole, according to a new infographic by McAfee.

However, less than 60 percent of healthcare providers have implemented security controls or a basic risk assessment for their IoT devices.

The infographic outlines the benefits and risks of IoT deployment in healthcare.

E-Healthcare Systems and Wireless Communications: Current and Future ChallengesThe goal of E-Healthcare Systems and Wireless Communications: Current and Future Challenges is to explore the developments and current/future challenges in the successful deployment of future e-Healthcare Systems. The book combines the research efforts in different disciplines from pervasive wireless communications, wearable computing, context-awareness, sensor data fusion, artificial intelligence, neural networks, expert systems, databases, security and privacy.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: Top 5 Health Data Breaches

September 3rd, 2014 by Melanie Matthews

Overall, 17 million people have been affected by the top five healthcare data breaches, according to the Information Security Media Group.

An infographic by the Information Security Media Group looks at each of these breaches…with details on when and how they happened.

Top 5 Health Data Breaches

Business Associate Manual The Business Associate Manual is a template-style manual that can be easily adapted to align with your compliance needs as a business associate (BA). All content complies with the Omnibus Rule.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: HIPAA, HiTech and Cloud Security

June 28th, 2013 by Melanie Matthews

As more and more healthcare data is stored electronically, the opportunities for HIPAA violations and security breaches are increasing.

Increased use of EMRs, mobile access to healthcare data and the cloud have increased the risk of healthcare data security and raised concerns among patients about the security and privacy of their healthcare information, according to a new infographic by Green House Data. The infographic also details the types of security breaches that have occurred.

Healthcare IT --- HIPAA, HiTech and Cloud Security

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

You may also be interested in this related resource: Electronic Health Records: Strategies for Long-Term Success.