The annual big-data party known as the HIMSS conference played out in Chicago – and online – last week. During the event, one of the central issues that arose in the social media conversation under the #HIMSS15 tag involved the one facing patients trying to access their health records, either digitally or on old-school paper: the security/access conundrum. Data that’s accessible to a patient could also wind up accessible to Romanian hackers (you’ve heard me on this topic before), and efforts at making patient data “secure” mean that data is often secure from the patient whose data it is. Patients give their forehead some serious keyboard every day over that one. The folks over at Software Advice released a report on HIPAA breaches on March 12*, which I only caught up with when I returned from my Mighty Mouth 2015 Tour of Info-Sec and Right Care. Full disclosure, I’m quoted in the report, but that’s not why I’m talking about it here. Here’s my biggest takeaway from the piece: 54% of the patients surveyed for the report would consider ditching a healthcare provider if that provider had a breach. Most Patients Would Switch Providers After Breach Key findings in the report: Forty-five percent of patients are “moderately” or “very concerned” about a security breach involving their personal health information. Nearly one-quarter of patients (21 percent) withhold personal health information from their doctors due to data security concerns. Only 8 percent of patients “always” read doctors’ privacy and security policies before signing them, and just 10 percent are “very confident” they understand them. A majority of patients (54 percent) are “moderately” or “very likely” to change doctors as a result of a patient data breach. Patients are most likely to change doctors if their medical staff caused a data security breach, and least likely to change doctors if hackers were…
Read More
