We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Healthcare breaches: Do they even matter?

While the healthcare industry moves to invest billions into electronic health records, a steady trail of breaches and broken promises of security is starting to take its toll on patient trust.

Just last week Virginia Commonwealth University made public a breach involving the compromise of two servers that left personal information on former and current VCU and VCU Health System faculty, staff, students and affiliates exposed. The VCU reported that the records of 176,567 people were exposed in this incident notification.

Also see For me, healthcare security is personal

According to the University, two servers had been compromised, with one server having data that included Social Security numbers, names, or electronic IDs, and a subset of files contained date of birth, contact information among other information.

VCU is no unusual incident. Earlier this month the St. Joseph Medical Center reported that 5,000 x-rays with patients' name, date of birth, medical record number, date of service, referring physician, the type of study and the radiologist's medical interpretation of the film were stolen. At University of California Los Angeles Health System, 16,288 patients' names, medical and other demographic information was stolen from a hard drive during a home burglary.

And in yet another recent incident, at Premier Imaging LLC, an employee was fired after bringing files on 47 patients home for reasons that still remain unclear.

According to the Privacy Rights Clearinghouse, a watchdog group that tracks data breaches, there have been 355 medical data related breaches, involving 10,120,287 records, that have been made public since 2010.

Despite all this bad news, a recent survey found that such occurrences probably won't temper the trust consumers have in data sharing or using electronic health records. According to a survey of 1,000 consumers conducted by the PwC Health Research Institute, 60 percent of respondents would be comfortable having their health data shared for improving overall care, 54 percent for improving decision-making in their care, and 36 percent to provide data for better analysis of doctor's performance.

However, only 30 percent of respondents said, if factors such as cost, quality, and access were even among competing providers, clear security and privacy policies would impact their healthcare decisions. "It's easy for respondents to say this, but the reality is that consumers will not likely have any level of confidence on their ability to judge one provider's security and privacy policies over another," says Pete Lindstrom, research director at Spire Security.

George V. Hulme writes about security and technology from his home in Minneapolis. You can also find him tweeting about those topics on Twitter @georgevhulme.

Read more about network security in CSOonline's Network Security section.

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model