by Doug Pollack
An article published by the Wall Street Journal titled “Are Your Medical Records at Risk; Amid Spate of Security Lapses, Health-Care Industry Weighs Privacy Against Quality Care” discusses the growing incidents of data breaches and contributing factors within the health care world.
The article highlights the extent of this problem as follows:
“In a spate of recent security lapses at hospitals, health insurers and the federal government, private information on hundreds of thousands of patients, ranging from Social Security numbers to fertility-treatment and cancer records, has been compromised. The incidents have included the theft of an unencrypted laptop from an employee of the National Institutes of Health and the inadvertent posting of personal data unsecured on the Web from insurers WellCare Health Plans Inc. and WellPoint Inc.”
The preface here is that the health care industry is inclined to have greater incidence of data breaches due to the broader access to private patient information by employees and health care workers. This was illustrated in recent weeks by the highly publicized access to medical records of Britney Spears by works at the UCLA medical center.
“Health care isn’t the only industry whose slip-ups can upset consumers or expose them to identity theft. But hospitals are notable for the sheer number and types of employees — including billing staff, nurses, doctors, researchers and lab technicians — who have quick access to individuals’ private information.”
But there seem to be structural requirements for patient record access, dictated by the need to ensure high quality and emergency medical care, that will make it difficult to reduce the risks of data intrusion and breach.
“Many hospitals are reluctant to control access to data too tightly for fear that it will create red tape in emergency situations. “We have to be able to take care of patients, too,” says Wendy Mangin, president of the American Health Information Management Association and director of medical records and privacy officer at Good Samaritan Hospital, in Vincennes, Ind., which audits clinical staff’s access to medical data but doesn’t block it. ”
Unfortunately, it would appear that we will be seeing more rather than fewer data breaches within the health care industry for the foreseeable future.