Digital technology has opened a world of opportunities for health care delivery — and, unfortunately, for data hackers. Data breaches affecting protected health information made headlines in 2015, but hundreds of breaches occur that don’t make the news. Since Jan. 1, more than 200 breaches affecting at least 500 individuals have been recorded, according to the U.S. Department of Health and Human Services Office for Civil Rights. The total number of health data breach victims in 2015 is more than 100 million.
Data breach targets include health insurance companies and hospitals. Data breaches happen across all industries, but health care has strict laws to protect consumers. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) includes a section that details security standards to ensure the confidentiality and protection of electronic records.
HIPAA regulations mean health care information must be “locked up” digitally, but safeguarding data can be challenging — especially when it comes to mobile technology. With the popularity of laptops and other mobile devices, data breaches happen when employees are unaware of the mass amounts of information available to hackers.
Mobile devices are easy targets for hackers. Employees can walk out the door with patient information, company email accounts and other identifying information in the palm of their hands. Additionally, breaches can occur when unsecure wireless networks are used to input patient information into a tablet or other mobile device.
But mobile devices aren’t the only targets for hackers. The U.S. Department of Health and Human Services Office for Civil Rights categorizes breach locations including desktop computers, laptops, paper, electronic medical records, network servers, e-mails and other portable electronic devices.
It requires constant vigilance for companies to safeguard against data breaches. Here are five simple yet effective tips to help companies protect employees’ health data.
- Continuously educate and update employees on HIPAA compliance and how to keep their information secure. Many breaches are traced to lost laptop or phone, or an employee improperly using technology.
- Encrypt data and e-mails so that in the case of a data breach, the hacker will not be able to match the data with people.
- Implement multi-factor authentication to confirm people are who they say they are.
- Stay in the know with compliance updates; McGohan Brabender makes this simple by regularly posting compliance updates in the news section.
- Implement anti-virus software and identity verification technology to achieve and improve overall security. It is critical to keep technology updated to decrease risk.
It is essential for businesses to safeguard health care data. Failure to secure information can result in monetary and criminal penalties. A data breach can erode your company’s credibility. The loss of trust and damage to your reputation can cost you business.
For 40 years, McGohan Brabender has been simplifying the delivery of health benefits. We are passionate about what we do and have the tools and experience to guide you through the chaos of health benefits management.