It is terrific to see that a recent discussion forum of healthcare CIOs concluded that “human foibles” are likely to continue to contribute to data breach incidents in healthcare.The CIOs were on an e-health panel at the MIT Sloan CIO Symposium in Cambridge, Mass.
As noted by InformationWeek Healthcare:
“While advancements in security technology better protects patient data, and regulations like HIPAA aim to set rules for information security and privacy, some breaches boil down to humans making mistakes. ‘Everything in our environment is encrypted,’ said William Fandrich, senior VP and CIO at Blue Cross Blue Shield of Massachusetts. However, despite solid attempts at security protection and other precautions, healthcare organizations need to emphasize–and continue to remind–employees about simple things they need to do to prevent patient privacy breaches.”
We continue to find that organizations turn primarily to technology to solve the data breach “problem”. This is exemplified by the perspective that once all data is encrypted, that data breach risks will be eliminated. It is great to see the thoughtfulness of healthcare CIOs at this conference where there is a prominent recognition that human error (and of course, human fraud) is a weak link for data breach risks despite the best of technologies applied.