HIMSS Analytics Report 2010: Security of Patient Data examines data security practices at hospitals across the United States. The second in a series of bi-annual studies on this topic, the report follows the 2008 Kroll-HIMSS Analytics Report. A pool of 250 respondents, comprising Senior IT Executives, Chief Security Officers, Health Information Management (HIM) Directors/Managers, and Compliance and Privacy Officers, was surveyed regarding the status of patient data safety at their hospitals.
Key findings of the 2010 report include:
- New regulatory activity, including the implementation of the Red Flags Rule and HITECH Act, has created a false sense of security among healthcare organizations that their facilities are secure and prepared should a breach occur.
- Healthcare organizations continue to underestimate the high costs of a data breach, despite new industry data which puts the average cost per industry data breach at $6.75 million.
- Healthcare organizations continue to think of data security in specific silos (IT, employees, etc.) and not as an organization-wide responsibility, which creates unwanted gaps in policies and procedures.