Nearly 16 years after the enactment of the Health Insurance Portability and Accountability Act (HIPAA), a new report commissioned by Kroll Advisory Solutions suggests that providers continue to prioritize compliance over security at the expense of patient data. The 2012 HIMSS Analytics Report: Security of Patient Data, the third installment of the bi-annual survey of healthcare providers nationwide, shows a steady rise in data breaches over the last six years, despite increasingly stringent regulatory activity surrounding reporting and auditing procedures, and heightened levels of compliance.
The report is a tool to both monitor and provide insight into the effect and effectiveness of regulatory changes and the resulting compliance efforts taking place, as well as the evolving state of patient data security. A total of 250 respondents, comprised of Health Information Management (HIM) Directors/Managers, Compliance and Privacy Officers, Senior IT Executives, and Chief Security Officers, were surveyed regarding the status of patient data safety at their hospitals. This year’s report examines results longitudinally from the two previous surveys as compared to 2012, and presents results from new questions in this year’s survey.
Other key findings of the 2012 report include:
- Human error remains the greatest threat to data security across the healthcare industry
- The mobility of patient data – made possible by new technologies and the proliferation of mobile devices in the workplace – is a leading factor in healthcare data breaches
- The industry’s expectations of third party data security practices are not keeping pace with the increased outsourcing of patient data as third party data breaches rise