Although health care organizations are eager to embrace new technology, the industry is not adequately prepared to address potential data breaches, according to a report by PricewaterhouseCoopers, Reuters reports.
For the report, PwC's Health Research Institute conducted 600 interviews with health care executives in the spring of 2011.
Researchers found that about 74% of health care organizations plan to expand their use of electronic health data. However, the report also found that:
- Less than 50% of health care organizations have addressed issues related to the use of mobile devices;
- About 47% of organizations have addressed issues related to health data privacy and security; and
- Less than 25% of organizations have addressed issues related to the use of social media (Selyukh, Reuters, 9/22).
Most Health Data Breaches Carried Out by Insiders
James Koenig -- co-lead of PwC's Health Information Privacy and Security Practice -- said the survey found that health data breaches often are carried out by "knowledgeable insiders -- such as people in admissions, billing, computer programmers, the janitorial staff, even in security -- who get access either to building facilities or to computer systems for information" (Eisenberg, Bloomberg Businessweek, 9/22).
Researchers found that:
- More than 50% of surveyed executives said they were aware of a privacy or security breach at their organization during the past two years (Reuters, 9/22); and
- 40% of survey respondents said they were aware of improper internal use of protected health data during the past two years.
According to the report, theft accounted for about 66% of publicly reported health data breaches (Bloomberg Businessweek, 9/22).