At an average cost of $10 to $20 per record, it’s been said that that Medical Records are worth 10 times more to hackers than credit cards. Yikes!
The Ponemon Institute and IBM recently teamed up to release their ninth annual Cost of Data Breach Study, which includes results from 314 companies that represent 10 countries around the world. For 2014, the report revealed the average cost per stolen or lost record, across industries, has increased over 9% from 2013 to an average of $145. For Healthcare specific breaches, the 2014 average cost is $359 per stolen or lost record. With figures this high, the $3 Trillion health care system in the U.S. needs to ensure they have appropriate safeguards in place.
In the ever-changing world of healthcare, Health Information Management (HIM) professionals have taken on some of these responsibilities to help with the efforts to reduce risk. In former years, HIM professionals once focused on records management, but with the increased Legal and Regulatory, Clinical, Financial and Technological responsibilities that have been added to their plates, they have transformed to not only manage the data, but also the context and use of the data housed in the medical record. The American Health Information Management Association (AHIMA) continues to lead the way in educating HIM professionals on the importance of having a strong Information Governance team and program to ensure the security and privacy of Health Information.
There are many ways that hospitals can ensure that they are taking all necessary precautions to ensure secure practices for handling medical records, especially those that remain in paper format. Some tips for information governance in healthcare could include:
- Working with senior leadership to put an Information Governance committee in place
- Identifying areas of risk in your organization, especially pertaining to medical records security
- Shopping around – Although price is an important deciding factor for services such as document scanning, make sure you’re not sacrificing privacy, security and quality in the long run.
- Touring vendor facilities – If you have a vendor taking your medical records offsite for Document Scanning, Destruction, Storage, or Release of Information, make sure to tour their facility to see the safeguards the vendor has in place.
- Swiftly working to resolve areas of risk once they are found – Although there may be an upfront cost, proactive costs are typically less expensive than reactive costs and breaches.
When protecting the sensitive information contained in patient charts and medical records, there’s no such thing as too secure. Our scanning facilities are ISO 27001 certified – the only internationally accepted security standard.
To learn more about information governance and healthcare cyber security, check out these two great resources:
http://www.ahima.org/topics/infogovernance/igbasics
http://www.reuters.com/article/2014/09/24/us-cybersecurity-hospitals-idUSKCN0HJ21I20140924
Or, connect with one of our business process experts below!
