Recent efforts by the federal government to improve patient information protection policies through a series of mandates and regulations have had a positive effect on the healthcare industry. Hospital administrations that fail to comply with Health Insurance Portability and Accountability Act (HIPAA) guidelines are at risk of significant penalties, depending on the nature of the security lapse. Healthcare professionals could face as much as a $250,000 fine or 10 years in prison if their failure to secure patient data results in wrongful disclosure. With such high stakes, many medical organizations are stepping up their data security measures to bring themselves in line with HIPAA regulations.
However, being in compliance with government guidelines does not necessarily mean that an organization is properly securing its patient data. Larry Hurtado, CEO of risk assessment firm Digital Defense, recently explained to PhysBizTech that medical professionals should practice a balanced combination of compliance and security. One of the key components of a quality data protection system is a strong security culture. By educating employees on the importance of data security solutions and on their own role in meeting those goals, hospital administrators can ensure that staff support that effort rather than becoming a vulnerability themselves. For instance, under a strong security culture, employees will be less likely to store sensitive data on laptops without proper encryption.
Hurtado suggested that these measures are particularly important for organizations interested in adopting bring-your-own-device (BYOD) policies. If medical facilities allow staff members to use personal devices to access hospital information, including payment and medical records, they need to ensure that proper data encryption software is in use. If an employee's mobile device is lost, stolen or otherwise compromised, the sensitive information it contains could be easily accessed unless solid encryption is in place.