Patient Data At Risk Not Just at Medical Facilities

Patient Data At Risk Not Just at Medical Facilities

HealthCare IT News November 13, 2015

As many as 90% of all industries may not be aware that Protected Health Information (PHI) may exist in their company records. Concern for protecting PHI should not only be on the part of hospitals or insurance carriers but throughout the entire business/corporate environment. In a study by Verizon, it was uncovered that “392 million health records have been accessed in 1,931 protected health information breaches across 90% of industries.” These breaches have been found across 25 countries and the sensitive information was part of personnel files for individuals not part of the general healthcare industry.

Only utility and management industries, of all the ones examined, did not contain PHI thus these two sectors were free from breaches. Naturally stolen medical information can have devastating effects on both patients, and those individuals not in a healthcare setting whose records have been accessed.

Verizon reports that PHI records are targeted from both internal and external hackers, and tends to be breached more often from the inside. Hackers are “data-only” driven and look toward the availability of data irrespective of the country in which that data is found or of the size of the company from which the information is stolen. When accessing this information it is more likely that personal identification information is being sought and not necessarily the health information parts of the files.

The utility of such data is focused on committing financial fraud either by the hacker himself or to sell in the underground community for a quick turnaround and profit. A 2015 Healthcare Information and Management Systems Society conference in Washington was the location at which this new and disturbing information was released. The final full release of the study will be in December of this year. The gravity of this report will help healthcare organizations to make the best protective strategies possible. More detail will be released regarding how the breaches occur, how quickly they were discovered and ways to build protective walls keeping this data untouchable from those who would misuse it.