HIPAA Summit West: 1 in 4 Organizations Report Data Breaches
- Paper records: 24%
- Laptop: 23%
- Desktop computer: 17%
- Portable electronic device: 16%
- Network server: 10%
In August, McAfee reported that hackers broke into the United Nations data system and hid there for two years unnoticed, Pabrai said.
"How do we know that someone isn't hiding in our systems, and how long have they been there?" Pabrai asked the audience. "Do we have appropriate controls? What is the state of our information security?" Do you have intrusion protection and intrusion prevention in place?
"This is not just a compliance issue," Pabrai said. "This will have significant risk to the organization and will impact your facility in the seven figures."
So what are the struggles today for privacy and security officers?
In some cases, many in these roles are performing too many tasks. For example, the privacy officer is also the health information management director, the security officer is also the compliance officer, or the compliance officer handles privacy complaints.
These multiple roles, if possible, should be avoided, said Phyllis A. Patrick, MBA, FACHE, CHC, president, Phyllis A. Patrick & Associates, LLC, Purchase, N.Y.
- CMS to Speak with ICD-10 Backers Tuesday
- Feds Stonewall ICD-10 Summit
- Boston Marathon Bombing Yields Lessons for Hospitals
- Governor Details Healthcare Payment Reform Path in Arkansas
- Hospital Groups Back NQF Report on Patient Sociodemographics
- Managed Care Contract Negotiations Morph Under PPACA
- Cyberattack Drill Exposes Healthcare's Vulnerabilities
- Physician Payment Data is Where the Action Is
- NY Abolishes Written Practice Agreement for NPs
- MetroHealth Revs Its Population Health Engine