Welcome!

Blog Feed Post

True cost of breached patient data

secure messaging for doctors

 Data breaches highlights why we need secure messaging for doctors

Statistics published by the Journal of Hospital Medicine in July 2017 show that despite the persistent campaign to educate the healthcare community about the problematic nature of pagers  and unsecured messaging, both continue to be popular technologies. According to the Journal:

  • Almost 80% of clinicians continue to use pagers. It is the most commonly used technology by hospital-based clinicians
  • 53% of clinicians use text messaging to exchange patient care information
  • 3% exchange text messages that include identifiable patient information
  • Relatively few hospitals have fully implemented secure mobile messaging applications

The lack of security these statistics demonstrate is more than just a HIPAA compliance issue – although that is an important issue as well. The lack of secure messaging for doctors and nurses also has a significant impact on patients’ financial and actual physical health.

The goal of this blog is to highlight how the exchange of unsecured patient information through pagers and standard text messaging applications leads to deleterious impacts that hospitals can no longer ignore. The lack of secure messaging for doctors and nurses must stop.

How do unsecure messages go rogue?

When pagers are unsecured or unsecured patient information is exchanged there is a real risk that the information can be hijacked or stolen. When pagers or unsecured texting devices are used, the exchanged messages are neither encrypted nor password protected. As such, if the content of those messages gets into the wrong hands then the content can be used for harmful purposes.

Healthcare is the most vulnerable sector of the US economy when it comes to breaches of patient health information. Healthcare tops the list of the most cyber-attacked industries.  In 2015, one in three Americans were the victim of healthcare data breaches. This figure translates into more than 111 million individuals’ data being lost due to hacking or IT incidents in the U.S. alone. The leading cause of breaches was lost and stolen devices such as smartphone.

In the case of smartphones, many hospitals either explicitly or implicitly allow practitioners to bring their own device (BYOD). With the inherent challenges around developing adequate security measures for messaging on personal devices, sensitive data is left exposed. With lost or stolen devices, hospitals and clinics have no way to wipe the device nor do they have encryption and passwords on messaging applications that would prevent improper use of the information.

Mobile devices remain a key access point for PHI and when lost or stolen, the information on the devices often results in costly data leaks. Demand for BYOD is significant among healthcare professionals with approximately 85 percent of healthcare professionals bringing their own devices to work. Given these statistics, it is likely that smartphone use will continue to grow in healthcare and that possibilities for stolen healthcare information will grow alongside it.

What happens when hospitals don’t provide secure messaging for doctors and administrators

The value of lost or stolen healthcare information is double to triple that of credit card information. Why? A lost or stolen credit card can easily be canceled and replaced with a new one. But, what do you do when someone has stolen your social security number or personal records with your date of birth and other identifiable information that allows a criminal to impersonate you?

On the black market, criminal hackers can demand $20 per health insurance credential and upwards of $50 per medical record.  By contrast, someone’s credit card information might sell for only one or two dollars. Victims end up medical identity theft pay an average of $13,500 to resolve the crime.

Cybercriminals use the stolen healthcare information to impersonate unwitting victims. By impersonating individuals, criminals use the stolen credentials to obtain health services such as surgeries, medications or health aids.  Unfortunately, there is no centralized repository for medical records. Thieves can easily hop from one healthcare provider to the next, making fake claims.

Not only do these acts violate the privacy of the patient, they also can lead to the alternation of patient records. As one source wrote:


[I]mpersonation can corrupt a victim’s health record. It can be things like incorrect blood type, incorrect allergy information, not the right kind of medications, conditions, or diseases that the you have and the thief doesn’t have or visa versa. [A] corrupted medical history could lead to delays, misdiagnosis, and incorrect treatment.


Medical identity theft corrupts medical records with erroneous information that can lead to incorrect diagnosis and treatment. Therefore, the theft is a quality-of-care issue that directly impacts the core mission of the health care industry.

Conclusion

There are many other ways that unsecure messaging can impact patient health. From delaying necessary patient care to providing redundant testing, the impact of unsecure patient health information cannot be ignored. The need for secure messaging for doctors is greater now than it has been before. Healthcare facilities need to begin taking secure messaging seriously.

Download our e-book to learn more.

 

The post True cost of breached patient data appeared first on OnPage.

Read the original blog entry...

More Stories By OnPage Blog

OnPage is a disruptive technology and application that leverages today's technology and smartphone capabilities for priority mobile messaging. With a top notch history of ensuring uninterrupted communication for businesses and critical response organizations, OnPage is once again poised to pioneer new mobile communications methodology for business and organizational use.

Latest Stories
SYS-CON Events announced today that Daiya Industry will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Daiya Industry specializes in orthotic support systems and assistive devices with pneumatic artificial muscles in order to contribute to an extended healthy life expectancy. For more information, please visit https://www.daiyak...
SYS-CON Events announced today that Nihon Micron will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Nihon Micron Co., Ltd. strives for technological innovation to establish high-density, high-precision processing technology for providing printed circuit board and metal mount RFID tags used for communication devices. For more inf...
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
SYS-CON Events announced today that Suzuki Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Suzuki Inc. is a semiconductor-related business, including sales of consuming parts, parts repair, and maintenance for semiconductor manufacturing machines, etc. It is also a health care business providing experimental research for...
"Our strategy is to focus on the hyperscale providers - AWS, Azure, and Google. Over the last year we saw that a lot of developers need to learn how to do their job in the cloud and we see this DevOps movement that we are catering to with our content," stated Alessandro Fasan, Head of Global Sales at Cloud Academy, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Enterprises are moving to the cloud faster than most of us in security expected. CIOs are going from 0 to 100 in cloud adoption and leaving security teams in the dust. Once cloud is part of an enterprise stack, it’s unclear who has responsibility for the protection of applications, services, and data. When cloud breaches occur, whether active compromise or a publicly accessible database, the blame must fall on both service providers and users. In his session at 21st Cloud Expo, Ben Johnson, C...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
Many organizations adopt DevOps to reduce cycle times and deliver software faster; some take on DevOps to drive higher quality and better end-user experience; others look to DevOps for a clearer line-of-sight to customers to drive better business impacts. In truth, these three foundations go together. In this power panel at @DevOpsSummit 21st Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, industry experts will discuss how leading organizations build application success from all...
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
Cloud-based disaster recovery is critical to any production environment and is a high priority for many enterprise organizations today. Nearly 40% of organizations have had to execute their BCDR plan due to a service disruption in the past two years. Zerto on IBM Cloud offer VMware and Microsoft customers simple, automated recovery of on-premise VMware and Microsoft workloads to IBM Cloud data centers.
Why Federal cloud? What is in Federal Clouds and integrations? This session will identify the process and the FedRAMP initiative. But is it sufficient? What is the remedy for keeping abreast of cutting-edge technology? In his session at 21st Cloud Expo, Rasananda Behera will examine the proposed solutions: Private or public or hybrid cloud Responsible governing bodies How can we accomplish?
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness.
Elon Musk is among the notable industry figures who worries about the power of AI to destroy rather than help society. Mark Zuckerberg, on the other hand, embraces all that is going on. AI is most powerful when deployed across the vast networks being built for Internets of Things in the manufacturing, transportation and logistics, retail, healthcare, government and other sectors. Is AI transforming IoT for the good or the bad? Do we need to worry about its potential destructive power? Or will we...
SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc.