In 2010, providers alone spent more than $88.6 billion on health IT initiatives in response to the US government’s “meaningful use” incentive program to drive widespread adoption of electronic health records (EHRs). Is this data secure?
For many individuals, the answer is no. In just the last year and a half, a breach of personal health information occurred, on average, every other day. The HHS Office for Civil Rights even lists where and when these breaches occurred.
PWC lists four key factors that put your health data at risk. These include:
- Electronic Health Records (HER) and Health Information Exchanges (HIE)
- Business Associates (e.g., vendors)
- Use of health data as secondary data for clinical studies, outcome-based research, and post-market surveillance of drugs.
- Social Media.
“Our policy restricts employees and physicians from accessing their own medical records, but there have been cases where curiosity gets the best of them,” said Thomas J. Lewis, president and chief executive officer at Thomas Jefferson University Hospitals, Philadelphia.
“We need to meet the physician and patient needs and demands for mobile health and social media, but we are still focusing on how we manage the security implications. There is a direct correlation between the level of mobility and our ability to protect that data,” said Luis Taveras, senior vice president of information technology services at Hartford HealthCare Corp., an 867-bed major teaching facility in Connecticut.
- PWC Health Research Institute. Old data learns new tricks, September 2011.