Data Security Inadequate at 71% of Hospitals

Dom Nicastro, November 9, 2010

The HITECH Act has been under recent scrutiny for not improving the safety of patient records, according to research from The Ponemon Institute.

For 65 hospitals mostly in the 100- to 600-bed range, 71% of respondents say they have inadequate resources to prevent and quickly detect patient data loss. The same percentage of respondents say federal regulations like HITECH have not improved the safety of patient records, research from the "Benchmark Study on Patient Privacy and Data Security" conveys.

Rick Kam, founder of the study sponsor, ID Experts, says he often hears that hospital leaders do not provide the necessary resources and do not make protecting patients' privacy a priority.  "We need to do a better job," Kam adds. "This is a call to action."

Study findings include the following:

  • The majority of responding organizations have less than two staff dedicated to data protection management (67%)
  • Hospitals say that protecting patient data is not a top priority (70%)
  • Most at risk is patient billing information and medical records, which is not being protected
  • Patients are typically first to detect a significant number of breaches at healthcare organizations (41%)
Dom Nicastro Dom Nicastro is a contributing writer. He edits the Medical Records Briefings newsletter and manages the HIPAA Update Blog.
Facebook icon
LinkedIn icon
Twitter icon