Protecting Patient Data

Protecting Patient Data

Attention: open in a new window. PDF | Print | E-mail

Last month I wrote about the importance of securing mobile data in hospitals.  This month I will offer some additional information on what can be done to prevent putting patients and hospitals at risk of security breaches.  With the growing population of new technology being used in hospitals and medical offices, protecting patient data on electronic devices is now essential to protecting hospitals from both legal and financial disaster. In November of 2010 a study was conducted by the non-profit organization Ponemon Institute.  During this study they found that reported data breaches are costing hospitals around $6 billion every year.  Research is showing that the healthcare industry is struggling to be able to protect patients sensitive medical records and because of this patients are being put at risk of medical identity fraud.

The use of PDA’s, tablets, and cell phone applications are a growing technology.  When you look at desktop computers and laptops, those have been around for several years.  The

environment has been given time to adjust settings and learn the best way to protect themselves and the data contained on these devices.  Tablets, PDA’s, and cell phone applications are still an up and coming technology and they are still getting all of the security details and little kinks worked out.  We have not been given the time to adjust to using these devices in the best way and to keep all of the information safe.  Hackers are exploiting these devices in the most sensitive locations as a key area of break-ins.

With all of this in mind, there are a few things that hospitals and other organizations can do to protect themselves and their confidential patient information.

ENCRYPTION.   Encryption is the conversion of data into a form that cannot easily be understood by unauthorized people. The data that is stored on devices should be encrypted.  If anyone were to come across the data any information they get will not be usable to anyone outside of the company.

REMOTE WIPES.   A remote wipe can be activated by the IT department.  Basically these wipes are set up on devices and if one is stolen or misplaced you simply call the IT department and the wipe will be activated.  Once activated, the device will be cleared of all data will be destroyed.

PERIMETER SETTINGS.  The devices that are being used, such as tablets, can be set up so that if the device goes out of a certain radius it will become unusable.  This would benefit in the hospital setting, if a patient or an employee were to leave the building, the device would be disabled and the information on the device will be protected.

Although there are a lot of security issues involved with using new technology in a hospital or healthcare organization, there are things that can be done to prevent a breach in security.  As the technologies develop, new security measures will arise, but for now it is up to the hospitals to protect themselves and keep their patients safe from medical identity fraud.

~ Ashley West