Eighty percent of IT practitioners say their organizations had one or more data breaches that involved the loss of patient health information, according to “Electronic Health Information at Risk:
A Study of IT Practitioners” released Oct. 15 by the Ponemon Institute and LogLogic.
The majority of IT practitioners in the study (61 percent) believe their organizations do not have adequate resources to protect patients’ sensitive or confidential information. Additionally, 70 percent say senior management does not view privacy and data security as a top priority. Fifty-three percent of respondents do not believe their organization takes appropriate steps to protect the privacy rights of patients and to comply with the requirements of HIPAA and other related healthcare organizations.
The study found that 95 percent of the respondents collect personal health history; 74 percent collect credit card information; 52 percent collect Social Security numbers; and nearly all collect the names, addresses and phone numbers of patients.
Survey respondents say the top three emerging threats affecting an organization’s ability to secure electronic health information are: virus or malware infections, the loss of patient data (a.k.a. data breach), and malicious employee attacks. Of these threats, the ones that are most likely to occur and most severe are identity and authentication failures, data breach and malicious employee attacks.
To read the full report, click here.
