Register | Login
Advertising
Register
Login
Most-Viewed Articles
New Articles
Publishing Log
Top Publishers
Top-Rated Authors
Top Searches
Trending Articles
Trending Searches
Animals
Arts
Business
Computers
Education
Finance
Games
Health
Home
Internet
News
Recreation
Science
Shopping
Society
Sports
Technology

Hospitals Look to Data Loss Prevention Software to Meet HIPAA Requirements

Posted by skyhighnetworks on July 4th, 2014

Just recently, the New York-Presbyterian Hospital and Columbia University paid the government $4.8 million, making it the largest settlement of its kind, to date, in order to resolve the charges stemming from a horrific exposure of 6,800 patient records. According to Ponderosa Partners analyst, Lars Dempsey, “Healthcare privacy disasters not only cost the institution at fault millions of dollars, but also harm all patients who can be victims of identity theft and other misdemeanors.”

The case stems from a situation where a Columbia University physician mistakenly leaked New York-Presbyterian patients’ vital signs, medications, and laboratory results onto the Internet after trying to deactivate a “personally-owned computer server,” which was connected to a shared network, the Office for Civil Rights stated. Later, an individual who discovered a deceased patient’s data through an Internet search engine notified the hospital, which then reported the breach to the Office of Civil Rights.

Both entities failed to ensure that the server had the proper software protections, and to identify all computer systems that accessed its electronic health information, said the Office of Civil Rights.

“Although clinicians frequently use personal computers, smartphones or tablets to conduct academic research, it’s unusual for a physician to use their own server for work”, stated Judy Hanover, an IDC analyst covering healthcare information technology. “There shouldn’t be a personally-owned server on a network at all in a hospital,” said Ms. Hanover. She also mentioned that organizations, which are collaborating on joint academic research, might not always communicate via data security safe methods, thus leaving some avenues for vulnerabilities.

Despite the recent rise in enforcement of privacy rules via the Health Insurance Portability and Accountability Act, a set of rules established in 1996 that requires enterprises to protect and secure patient data, and come out with any leaks or breaches of patient data. Since its inception, the OCR has recoded close to 1000 reports of breaches or leaks involving more than 500 victimized patients. According to Darren Dworkin, Chief Information Officer of Cedars-Sinai Medical Center, “We simply have to do better.” Recently, more CIO’s and information technology teams have been adopting a technology called data loss prevention software, to deter and prevent such breaches and leaks from occurring.

In summary, its important that healthcare information technology professionals pursue security measures such as data loss prevention software solutions to prevent large-scale sensitive data catastrophes. As seen in the aforementioned example of the New York-Presbyterian Hospital and Columbia University, a simple, well-intentioned mistake can cost a healthcare organization millions of dollars. Furthermore, in the United States of America, data loss prevention software meets operational use criteria as defined by the HITECH act, which means healthcare enterprises can receive the maximum amount of reimbursement by implementing systems to protect electronic health records. Organizations who fail to comply with government regulations and refuse to secure their highly sensitive data with data loss prevention security put themselves at severe risk in this era of ever evolving, resilient hackers and cybercriminals. Therefore, its in healthcare organizations best interest to embrace employee flexibility via cloud and employ security measures such as data loss prevention software for best security & efficiency.

Author :
Skyhigh Networks, the Cloud Security Services company, enables companies to embrace Cloud Security Services with appropriate levels of security, compliance, and governance while lowering overall risk and cost. With customers in financial services, healthcare, high technology, media, manufacturing, and legal verticals, the company was a finalist for the RSA Conference 2013 Most Innovative Company award and was recently named a "Cool Vendor" by Gartner, Inc. Headquartered in Cupertino, Calif., Skyhigh Networks is led by an experienced team and is venture-backed by Greylock Partners and Sequoia Capital. For more information, visit us at http://www.skyhighnetworks.com/cloud-data-loss-prevention/ or follow us on Twitter@skyhighnetworks.

Like it? Share it!


skyhighnetworks

About the Author

skyhighnetworks
Joined: December 18th, 2013
Articles Posted: 85

More by this author
Trending Articles | Register | Login
Copyright © 2010-2024 Uberant.com