There are pluses and minuses to everything. Some of the pluses of healthcare IT are convenient access to patient medical records for doctors and nurses, ease of sharing research data and improved patient outcomes. But there are enough minuses looming on the horizon in 2012 to give one pause.
Mobile devices are, essentially, pocket computers. They need to be protected as such. Companies like Kaspersky actually offer security software that’s tailored to mobile devices. Yet, a recent study conducted by the Ponemon Institute revealed that more than three-quarters of healthcare workers use their mobile devices to access patient records but less than half of them have any type of security on those devices.
Experts predict that class-action suits will rise because patients’ personal health information hasn’t been secured. Breaches can come as the result of hospitals outsourcing work, like billing, to third-party organizations that don’t guard the patients’ health information as closely as the hospital staff or – and this is more alarming – from healthcare workers misusing social media. More than once, there has been a story in the news about a healthcare worker who vented on his personal Facebook page about a patient. Leaving the patient unnamed in no way lessens the severity of discussing his personal health issues in a public forum.
Breaches in the security of medical records could cause some health providers to lose patients, particularly if the breaches lead to identity theft or medical identity theft. This loss, according to the Ponemon institute’s study, could cost a health provider, on average, $113,000 per patient.
One of the silver linings in this dark cloud is a trend toward increased privacy and security training. Malicious intent is unavoidable. There will always be some people who have ill intentions. The good news is that they are grossly outnumbered by well-meaning, though uneducated, individuals. By making privacy and security training a mandatory, annual event, hospitals and other health organizations can reduce the number of breaches that result from human error.
Healthcare organizations may begin investing in cyber security or data breach insurance. This will cover the costs of litigation and any other expenses that result from compromised patient information. This may be a good idea for the health organizations but not the patients. The cost of the insurance will undoubtedly trickle down to the patients in the form of higher costs per visit.
Another silver lining is an increase in education related to fraud. Those who are at risk can learn how to protect themselves from it. Forewarned is forearmed, as they say, and this awareness may deter some ne’er-do-wells.
Healthcare IT is wonderful in many ways. Electronic medical records make it easy for doctors and nurses to stay up to date with patients’ medical histories. Sharing research data is easier and takes less time. Patients receive better care. But the danger of patients’ records being compromised actually increases when they get shifted to a database or to the cloud. If health organizations can quickly adapt to protect their patients – and themselves – from malice and human error, then 2012 could be a banner year for all.
Looking for a trusted Healthcare IT Professional to help with your EMR and network support? Call us today, we can help with all your healthcare IT needs and requirements.
Ready to speak with a member of our IT consulting and managed IT services team? Use the form to the right to book an initial consultation with your next Baltimore IT services company.