Data Breach Risks and Electronic Health Records
With the push for the adoption of Electronic Health Records (EHR) comes the increased risk of Protected Health Information (PHI) breaches. Redspin’s 2013 Annual Breach Report revealed a 137% increase in patient records affected by a data breach, and that number is expected to surge in 2014. A large part of the problem is the proliferation of PHI on portable or mobile devices. This has increased the internal risk posed by negligent employees, one of the biggest concerns for data breaches, and is expected to continue driving the risk of theft.
Reduce Risk
Adoption of IT security and encryption is vital in the protection of PHI, but that’s only part of the solution. With insider negligence driving risk, it is essential to include staff training as a core component of your breach-mitigation strategy. Establishing an internal campaign for communicating with and educating your employees on the risks and how to avoid them will help curb negligent behavior and decrease the risk of data theft.
Be Prepared
Data breaches can happen despite your best efforts. So rather than merely hope for the best, it is prudent to prepare for the worst. Involve a marketing organization early, one that understands the volatility of the data breach landscape and can be ready to help should a breach occur. Crisis management post-breach can be anarchic as you scramble to notify compromised parties and manage public relations on the media front. Being prepared with an experienced advertising agency that can handle all the behind-the-scenes work (from email and direct mail blasts to PR and media space) will make an unfortunate situation a little less calamitous.
Find the Right Partner
Whether it is for an internal training campaign or post-breach PR, finding the right partner that is qualified to understand your industry risks is important. In fact, approximately 20% of PHI breaches between 2009 and 2013 occurred at the service provider level. This highlights the need to do your due diligence when selecting any vendor or business associate. Make sure they understand HIPAA/HITECH compliance requirements and are extremely diligent in the protection of PHI.
TRAFFIK Health is a local OC Advertising Agency specializing in healthcare marketing. Our team has over 20 years of experience working in healthcare and a deep understanding of the regulatory environment and risks surrounding our industry clients. For more information on PHI breach prevention and crisis management, give us a call at (877) 769-1921.