When hospitals find themselves in the middle of a breach, they usually prioritize improving their security to prevent further security breach incidents. In addition to defending themselves against data breaches, health systems also need to find the right balance to adequately protect their patients’ privacy.
Since medical information is stored digitally, patients may not be fully aware how crucial it is to protect their data from being seen by unauthorized persons. Some privacy breaches may be avoidable, and learning from these mistakes is essential for health systems to maintain security of sensitive patient information.
Here are three reasons why patient security may be lacking at health organizations.
1. Privacy Is on the Back Burner
When health IT systems are built, ensuring patient privacy is usually not on the forefront of designers’ and engineers’ minds. These IT experts usually put system functions ahead of privacy, which could result in poor privacy protection down the road. Some developers may also leave out privacy features altogether, which could put patient information at risk for being compromised.
2. Human Error
In a recent report, psychiatric facilities in Texas suffered a string of data breaches, but the majority of them were caused by human error, The Republic reported. Dr. Deborah Peel, the Austin founder of watchdog group Patient Privacy Rights, said repeated data breach incidents could lead patients to question whether their information is secure, which could cultivate distrust among patients.
“Our patients deserve privacy and expect that their information is kept confidential,” said Christine Mann, spokeswoman for the Texas Department of State Health Services.
3. Organizations Don’t Prepare for Insider Breaches
While health systems may report cyberattacks, they are also susceptible to data breaches caused by employees. One of the data breaches reported in Texas’ Big Spring State Hospital in the past six months was the result of an insider data breach. A former nursing assistant stole the information of about 50 patients, including their names and other medical information.
“I feel like I can’t trust the hospital anymore, not with anything personal,” said James Boucher, one of Big Spring’s patients impacted by the breach. “I don’t even know where the records have been.”
If you’re worried that your medical records may be exposed and lead to identity theft, you can monitor your credit for free using the Credit Report Card, which updates two of your credit scores monthly. Any sudden, unexpected change in your credit scores could signal possible identity theft and you should consider pulling your credit reports to make sure your information is safe (you can do this for free once a year at each of the major credit bureaus).
More on Data Privacy:
- Identity Theft: What You Need to Know
- How Do I Dispute an Error on My Credit Report?
- 3 Dumb Things You Can Do With Email
- The Risks You Face From Identity Theft
- How Can You Tell If Your Identity Has Been Stolen?
- What Should I Do If I’m a Victim of Identity Theft?
- How Credit Impacts Your Day-to-Day Life