Page 19

Advance for Health Information Professionals • January 2017

19 Both mobile and remote image viewing increases the amount of patient data traveling both inside and outside enterprise networks. pletely expunged from the remote or mobile device. Any data that is transferred or stored on mobile devices or remote system becomes immediately unsafe. First, mobile devices are frequently lost or stolen; some data estimates that 68% of security breaches were due to the theft or loss of a mobile device.7 In addition, providers have no control over the level of security technology in place on a remote system. The best approach to ensuring the security of a patient image accessed by remote or mobile devices is to keep data from being saved on them. End-to-End Data Encryption Patient image data also needs to be protected during mobile or remote viewing sessions. Both mobile and remote image viewing increases the amount of patient data traveling both inside and outside enterprise networks. Wherever and whenever that data is transferred, it should be encrypted to protect it from eavesdropping hackers. Any technology built for a modern healthcare environment must include encryption and not be designed with the assumption that encryption will be implemented by the hardware of the accessing device or other health IT, such as electronic health records (EHRs). Secure Patient Data Access The prevalence of security breaches for both big and small healthcare organizations is expected to continue.8 With more patients in the system thanks to the Affordable Care Act, hackers now have more patient data to access, keeping healthcare a top target into the future. At the same time, the need to share and exchange electronic patient data continues to rise among healthcare providers. As just one example, urgent care facilities and health systems are forming partnerships to better coordinate patient care. The success of these partnerships depends on seamless exchange of electronic patient information, which means sharing patient information between a health system and the many locations of an urgent care provider. It’s not hard to imagine the complexity of implementing secure connections in a healthcare ecosystem with hundreds of separate locations. In these situations, health IT managers must use health IT tools with built-in modern security to manage the high risk inherent in the sharing and exchange of patient health data. Jonathan Draper is director of product management, healthcare at Calgary Scientific. References 1. Banner Health. Banner Health identifies cyber attack. www.bannerhealth.com/ news/2016/08/banner-health-identifies-cyber-attack 2. Humer C, Finkle J. Your medical record is worth more to hackers than your credit card. www.reuters.com/article/us-cybersecurity-hospitals-idUSKCN0HJ21I20140924 3. U.S. Department of Health and Human Services Office for Civil Rights. Breaches Affecting 500 or More Individuals. https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf 4. Munro D. Data breaches in healthcare totaled over 112 million records in 2015. www. forbes.com/sites/danmunro/2015/12/31/data-breaches-in-healthcare-total-over-112-million records-in-2015/#bee1157fd5a9 5. Edds B. Secure Communications Strategies for a Mobile Healthcare Workforce. http:// health-system-management.advanceweb.com/secure-communications-strategies for-a-mobile-healthcare-workforce/ 6. Barrett M. Image sharing goes mobile. http://health-system-management.advanceweb. com/image-sharing-goes-mobile/ 7. Bitglass. The 2014 Bitglass healthcare data breach report. http://pages.bitglass.com/rs/ bitglass/images/WP-Healthcare-Report-2014.pdf 8. Experian. Third annual 2016 data breach industry forecast. www.experian.com/assets/ data-breach/white-papers/2016-experian-data-breach-industry-forecast.pdf ADVANCE FOR HEALTH INFORMATION PROFESSIONALS / ELECTRONIC HEALTH RECORDS RELATED CONTENT 3 Ways to Reduce Ransomware Focus resources on running the business and delivering quality care for patients. JANUARY 2017


Advance for Health Information Professionals • January 2017
To see the actual publication please follow the link above