Healthcare, HIPAA, & Financial Data Security

By mflahmflah2012
It's scary to think of all the systems being compromised, especially in the financial and healthcare information. But our data needs to be out there and accessible, so what do we do?

If I'm sick, really sick, and different doctors need to see my healthcare records to help me, I want them to have that access to my information - period. But while I'm healthy, and my health data is at rest, just sitting on a few hard drives, in files, I do want that data to be safe. Is it safe at my dentist? My doctor? The urgent care I went to in the off hours? The hospital where we visited the ER?

The banks and investment firms are also all electronic, so they have "my data" too. A few firms offer two-factor authentication to end-user consumers to protect their data, but not many. Some will send you a keyfob, some use a text message to your mobile device. Not a bad start, should be safe, right?

There are some attacks and data breaches that cannot be protected against. When humans are involved, anything can happen. Humans design the security components and architecture that access and hold PHI (Protected health information) data, and other humans design the hiring/monitoring/firing process for those individuals who are authorized to access the PHI data. Other humans are trying to break into these systems. Hopefully, a step in the process is to monitor the data access logs by unique user name, and revoke access to humans that have left a particular entity.

In the "Security 101 for Covered Entities" report published by the Dept of Health & Human Services, I think they said it best when they wrote "HHS recognizes that each covered entity is unique and varies in size and resources, and that there is no totally secure system".

In a December 2011 survey of 72 healthcare groups by the Ponemon Institute, they found that 96% reported that some data had been lost, stolen, or compromised within the last two years.

The industry needs to find the right balance of security and accessibility for financial, personal, and healthcare HIPAA-related data.

Mike Flaherty
Online Tech
734-213-2020 phone
