How are data breaches like an epidemic?

One sign…an epidemic of articles. HealthcareIT News continues on the subject of data breaches running rampant in this interview with Mahmood Sher-Jan of ID Experts–another company in IT security. His five-point analogy to an epidemic is designed to be easy for the healthcare-minded to follow:

  1. Both attack innocent and unsuspecting people and deplete the resources of the healthcare industry and governmental agencies.
  2. Both need thoughtful and prompt crisis management.
  3. Both need root cause analysis, quick and competent containment.
  4. Both cause economic and emotional damage, coupled with the risk of a PR nightmare.
  5. Eradication is often unfeasible or costly.

Sher-Jan’s conclusion: “Like an epidemic, the threat and impact of a data breach can be reduced, but only through proper planning and immediate and appropriate response.” Five ways a PHI breach is like an epidemic

Just the facts…another take is from Mac McMillan of CynergisTek, also in IT security and regulatory compliance. Six years after the HIPAA Security Rule (US), there have been 31,000 data breaches in healthcare organizations–and he maintains that most were unavoidable or self-inflicted. ‘More than 67% of breaches involved some form of physical loss or theft of a computer system or device. The remaining 33% of causes identified included unauthorized access, hacking and improper disposal of information.’ Thus prevention is key. Data security in healthcare: how bad is it?