• E-mail
• Print
• RSS

HIMSS report analyzes status of information security in U.S. hospitals

HIPAA Weekly Advisor, May 26, 2008

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

The Health Information Management Systems Society (HIMSS) recently released a report addressing the state of security of patient information in U.S. hospitals. HIMSS Analytics surveyed 263 senior information technology (IT) executives, chief security officers and health information managers for the report.

A survey of respondents revealed the following:

• A lack of awareness concerning the frequency and seriousness of identity theft exists. Causes include factors such as regulatory loopholes, an emphasis on privacy instead of fraud or malicious behavior, a lack of understanding of the true cost and impact of a breach.
• The healthcare industry needs complex information security systems that address a hierarchy of needs. Consequently, needs more directly related to patient treatment often overshadow resources devoted to patient data security.
• The larger a facility is, the greater its risk of a breach.
• Security education for staff members is only one element of an effective security policy, so organizations must ensure that they address their security policy more broadly. This includes monitoring employee compliance and enforcing security policies.

The report, entitled “2008 HIMSS Analytics Report: Security of Patient Data” and commissioned by Kroll Fraud Solutions, a global risk consulting company, was released in April. It may be viewed on the Kroll Fraud Solutions Web site.

Click here to view the report.

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

• Comment
• E-mail to a Colleague
• Print
• RSS
• Archive

Comments