Common Means of Data Breaches in Healthcare Industry

Today, healthcare fraud is a multi-billion-dollar industry. Recent surveys by two independent
organizations corroborate this fact. In its second annual Patient Privacy and Data Security
benchmark survey, Ponemon Institute found that healthcare data breaches are on the rise despite
compliance with HIPAA and the HITECH Act, eroding patient privacy, contributing to medical identity theft
and costing the healthcare industry billion annually. Even with increased compliance with HIPAA and
HITECH acts, the data breaches are showing an upward trend.


Another survey, by a nonprofit consumer protection organization, also points to the sloppy handling
of Patient Health Information (PHI) in the healthcare industry. According to the study conducted by
the Privacy Rights Clearinghouse (PRC), three of the six most shocking data breach incidents
belong to the healthcare industry. Let's look at some of the common ways in which data breaches
happen in the healthcare industry.


Employee Negligence
Negligence on the part of employees is the most important cause of the rise in data breaches. Most
employees are not even aware of the need to protect patients' health information. Hence, they handle
sensitive patient information sloppily and carelessly, resulting in the loss of billing records and
medical files. For instance, a hospital in California recently compromised the health information of 4.2 million
patients due to employee negligence. The hospital authorities kept the computer containing unencrypted
PHI at an unsecured location.


Mobile Devices
Hospital authorities largely depend on mobile devices to collect, store and exchange health information.
The greatest drawback of using mobile devices is that these are unprotected.


Lost or Stolen Computing Devices
Lost or stolen computing devices are another cause of the growing incidence of data breaches in the
healthcare industry. As mentioned above, due to security lapses on the part of employees and
authorities, computing devices containing sensitive patient health information are either lost or stolen.


Third Party SNAFU
Another important reason for data breaches is lapses on the part of third parties, namely the business
associates (BAs). In most cases, there is no BA agreement in place, which leads to a lack of
commitment on the part of the BAs in enforcing security procedures.

Hence, what is required is strict compliance with HIPAA/HITECH laws, training staff and employees
on policies and guidelines, encrypting PHI, and so on. These methods can prevent data breaches to a
great extent.

