November 14, 2013
Today’s computerized world is the wave of the future throughout the healthcare industry. Computers are becoming the centerpiece of data management, to store medical records and other patient information, for our healthcare professionals. A patient’s medical record is more accessible than it has ever been, providers are finding a difficult time keeping their patient’s records safe and secure. With this information accessible to anyone who has access to these devices, it has become even more important to keep those without a job related need to know or those stealing devices, out of records that they aren’t entitled to see.
The use of laptops and mobile devices for providers have been a key contributor to breaches a across the country. These devices have made working on the go, from home and virtually anywhere possible to those providers that use this technology. This adds a whole new element to safeguard patient privacy when it can’t be controlled in-house. The health care industry needs to focus on providing proper education, use technical safeguards, have physical protection, and administrative tools set up to handle potential threats. Patient confidentiality is being compromised at all-time highs and the problems aren’t going to go away with mobile technology becoming common place throughout the healthcare industry.
Identification of Problem With the healthcare industry changing from paper to electronic medical records there is a rise in breaches throughout the country. In 2003 the number of breaches reported to the Health & Human Services (HHS) was 3,742 cases and in 2012 there were 10,443 cases reported. (HHS) The rise in these numbers translate from the increasing use of mobile devices that providers have come accustomed to use. A study done by Manhattan Research showed that more than eight in 10 physicians in the United States own a smartphone. (Daley) These physicians can access emails and mobile apps to patient records and other documentation. It has increased productivity, response time, and information and communication access by using these kinds of devices.
With these types of devices they can easily get into the wrong hand. Recent HHS analysis of reported breaches indicates that almost 40% of large breaches involve lost or stolen devices. (Lewis) Devices such as mobile phones, laptops, tablets and storage devices provide easy access to patient charts and communication among providers. Many of these providers use these devices at point of care to help treat and document patient contact. These devices hold important patient data and could be compromised when in the wrong hands.
Nature and Dimensions of the Issue Advocate Health Care reported in August 2013 that four unencrypted laptops were stolen from its facility. There were more than 4 million people whose protected health information were compromised. (Mccann) These laptops were stolen from an unmonitored room and had no or little security to prevent unauthorized access. These records had patient names, addresses, dates of birth, Social Security numbers, health insurance data, medical diagnoses and physician names. This is actually the second major breach for Advocate Health Systems when in 2009 had another unencrypted laptop stolen. Each of these cases could have been prevented with proper encrypted devices and secured areas where these devices are accessible.
A Tennessee healthcare firm experienced a security breach when one of its laptops was stolen from an employee’s home. The laptop contained personal information-Social Security numbers, birth dates and names-of 8,000 people who have visited the healthcare provider since 2005. (Globalscape) Although there was security measures taken to secure the information with fingerprint and password protection this information could still be hacked and used. This