Healthcare organizations neglect data security in compliance race

As regulations in the healthcare industry tighten, more organizations are striving to meet the evolving compliance requirements. However, in their attempt to do so, many healthcare facilities are neglecting security and becoming more vulnerable to data loss, according to a report by Kroll Advisory Solutions.

The study found labeling records by data quality or sensitivity was a major factor that contributed to numerous data breaches. More than half of respondents said a data loss incident was caused by an employee accessing records that should have been out of his or her reach.

"There are numerous reports of security breaches that have taken place as a result of the actions taken by business associates handling identifiable health information," Healthcare Information and Management Systems Society executive Lisa Gallagher said. "Healthcare organizations need to ensure that their business associates are taking every precaution to safeguard this information."

According to the Identity Theft Resource Center, the healthcare industry experienced 86 data breaches in 2011, which exposed more than 3.7 million records. Hospital and other medical facility decision-makers need to encourage employees to follow best practices when handling sensitive data to prevent breaches from occurring.