Despite implementing all the security measures, protected logins – Healthcare has increasingly fallen prey to data security breaches. In most cases, it happens due to internal negligence but sometimes providers become vulnerable to data hacks due to low security. Various health data security breaches have caused serious damages to healthcare organizations when they compromised the protected health information of millions of patients. Here are a few examples of the most common types of healthcare data security breaches.
Hacking network server password: In a data breach incident, a hacker broke into the service’s server and hacked personal data (SSN, contact information, PHI) belonging to thousands of patients stored on the server. The hacker was successful in breaching the security of the server by intercepting a weak password.
Health data security threats and technical safety measures: Clinical records of 2,850 individuals were compromised when a third party found documents containing the information in a recycling container (instead of paper shredders) behind the building of the South Carolina Department of Health and Environmental Control. In a similar incident, a provider disposed of patients’ Protected Health Information in a dumpster outside of a doctor’s office.
Lost portable devices and backup drives: While in transit on public transportation, a laptop was lost by an employee that contained PHI of 3,800 individuals. In another reported breach, a provider lost a server backup tape containing roughly 375,000 individuals as it was being sent via courier. Another provider lost two USB storage devices containing ePHI of 1,474 individuals.
Theft: A desktop and four laptop computers were stolen from a locked facility. Following the breach, the covered entity installed new office door locks with assigned keys, installed security cameras with alarms, and physically secured computers to desks. Moreover, several incidents of laptop theft and external hard drives stolen from cars have been reported.
Unauthorized access or disclosure: According to a breach report, former employees took protected health information (PHI) pertaining to 13,000 patients and disclosed it to a competing medical practice. Moreover, there are incidents of passing on PHI through Email to third parties and other misuses.
Sybrid MD can help you maintain the security of health information by strictly maintaining HIPAA’s security and data encryption standards. A review of security procedures at every level including management, clinicians and IT staff, the technical team can help you with:
Risk management procedures and review of external accesses to your network.
Analyze threats to confidentiality, integrity, and availability of protected information.
Establish measures to identify future security risks.
A process for integrating continuing security updates.