Veriphyr

Must Privacy Breaches Require "IT Gymnastics"?

2013-06-18T09:25:00.001-07:00

A privacy breach of diagnostic images and personal information on 500 patients was reported by a Canadian hospital.

The breach was the result of a staff physician sharing his username and password with a physician not affiliated with the hospital. While physicians often share information with others in the course of providing care there are regulations that must be complied with to protect patient confidentiality. In this case it seems regulations were not followed and the Information and Privacy Commission of Ontario is investigating.

"The privacy breach was discovered in early April and it took multiple gymnastics from an IT perspective to be able to come up with a list and determine to what extent and when it began."
- Andree Robichaud, CEO Thunder Bay Regional Health Sciences Centre

The hospital CEO noted "multiple gymnastics from an IT perspective" were needed to determine when the breach began and its extent. IT gymnastics can be eliminated by using Identity and Access Intelligence (IAI), SaaS analytics services.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Hospital Apologizes for Data Breach - www.seclists.org, 05/28/2013

Hospital Worker Steals 1,000 Patient IDs

2013-06-17T09:47:00.005-07:00

Federal law enforcement alleges that hospital worker Curtis Fullwood stole the identities of more than 1000 psychiatric patients.

Mr. Fullerton's job was to assist mental patients find work but he has been accused of taking their identity information from hospital computers and then filing fraudulent tax returns.

"Fullwood obtained patients' information by illegally using computers at the Pembroke Pines psychiatric hospital to steal the identities of people who were admitted for treatment." - SunSentinel

It is unclear if the hospital knew about the identity thefts or if they first learned about the patient privacy breach from federal law enforcement. Healthcare organizations can utilize low-cost on-demand SaaS analytics services to proactively detect theft of patients' private information.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Psychiatric patients' IDs stolen by hospital worker, feds say - Sun-Sentinel, 06/11/2013

Private Rx Info Breach at State Database

2013-06-14T05:27:00.001-07:00

Florida's E-FORCE program was "to encourage safer prescribing of controlled substances and to reduce drug abuse and diversion within the state" but as some feared it has put private health data at risk.

The ACLU of Florida said “The private medical information of more than 3,000 Floridians — namely what prescription drugs they take, the dosage, their date of birth, address and the name of the pharmacy that dispensed the prescription, ended up in the hands of third parties who simply have no legal right to know which law-abiding citizens are taking which prescribed medications."

"None of the 3,300 individuals involved either gave their consent or was notified of the release. The violation only became known when one individual unrelated to the criminal investigations became aware of the privacy breach."
- FloridaWatchdog.org

Supposedly the E-FORCE program must comply with federal and state privacy laws and regulations; if this is the case then an "accounting of disclosures," a report of what patient data and to whom it was released, should be available.

This type of tracking and reporting is now fast and easy to obtain using low-cost on-demand SaaS analytics services.

Download a white paper on accounting of disclosures of medical records. Learn how to identify to whom private patient was disclosed - with no hardware and no on-site software.

Sources:
(a) Floridians see private Rx info leaked from state database - www.FloridaWatchdog.org, 06/13/2013

Prime Healthcare Violates Patient Privacy, Fined $275K

2013-06-13T07:23:00.000-07:00

Prime Healthcare Services has agreed to pay $275,000 to settle a federal case alleging violation of patient privacy by the CEO of the Shasta Regional Medical Center (owned by Prime).

Additional fines related to this matter were imposed by the California Department of Public Health (DPH), $95,000 for violating patient confidentiality, plus $3,100 for not reporting the breach to the state and the patient in a timely manner.

"The federal Office for Civil Rights, which investigated the matter, declined to comment in detail on the settlement until the company made the $275,000 payment."
- Los Angeles Times, Money & Co., 06/11/2013

Breaches of patient privacy by "insiders" can be detected using low-cost on-demand SaaS analytics services.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Prime Healthcare Pays $275K To Settle Federal Patient Privacy Case - www.CaliforniaHealthline.com, 06/12/2013

2013 Breach Cost Study: Healthcare Highest at $233/Person

2013-06-12T07:52:00.001-07:00

The 2013 Cost of Data Breach Study, conducted by the Ponemon Institute, found the average global cost of a data breach was $136 in 2012, a $6 increase over 2011. For financial services and healthcare organizations, which hold more personally identifiable information, the cost was $215 and $233 per person, respectively. For example, $233,000 if 1,000 patient records are inappropriately accessed at a healthcare facility.

Mr. Ponemon said that regulations initially mean higher breach related expenses but eventually could save companies money.

"Healthcare and financial services companies maintain more personally identifiable information on their servers than enterprises in other sectors."
- Larry Ponemon, Ponemon Institute

An approach to data breaches that can save organizations money initially as well as long term is low-cost on-demand SaaS detection analytics services.

Download a white paper on data privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Regulations' Impact on Data Breach Costs - www.BankInfoSecurity.com, 06/11/2013

Drug Bust Uncovers Patient Privacy Breach?

2013-06-11T09:47:00.002-07:00

A drug bust recovered personal information on 4,500 Sutter Health patients; patients' names, Social Security numbers, birthdates, genders, addresses, zip codes, marital status, employer names, and home/work phone numbers may have been exposed.

"..cannot yet disclose how or where the information was obtained because of the ongoing investigation ." - Stacey Wells, Sutter Health

As this breach was just announced we'll post more details as they become available. However, it seems the hospital was unaware of the breach until law enforcement brought it to their attention. Organizations can now proactively detect privacy breaches with low-cost on-demand SaaS analytics services.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Sutter Health Acknowledges Security Breach - eSecurityPlanet.com, 6/10/2013

Medical Data Sharing Benefits, Better Privacy Required

2013-06-10T10:36:00.001-07:00

A study by the Institute of Medicine found that electronic sharing of patient data collected during healthcare visits could contribute to improving care for the entire population.

Michael Murray, lead author, said "We are missing a tremendous opportunity to turn our health care system into one that learns from each care experience and leads to better and more affordable care for all." But he also noted the public must know their privacy is assured, otherwise they will be less willing to allow their data to be used in health research.

"Electronic sharing of patient data would require stronger security measures to protect patient privacy" ."
- Michael Murray, Regenstrief Institute and Purdue University

Interestingly, identity and access intelligence (IAI) can contribute to both the issues Mr. Murray mentioned. Now available as low-cost on-demand SaaS services, these big data analytics can yield insights into interactions between healthcare workers and patients as well as be utilized to detect data privacy breaches.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Learn how Veriphyr Identity and Access Intelligence delivers clinical insights - with no hardware and no on-site software.

Sources:
(a) Data from routine medical visits can improve care for all - FierceHealth IT, 04/18/2013

EHR Incentives $14.6 Billion

2013-06-07T09:11:00.001-07:00

According to Robert Anthony, deputy director of the HIT Initiative Group at the Centers for Medicare & Medicaid Services’ Office of E-Health Standards and Services, the federal government had paid $14.6 billion in EHR incentives by the end of April 2013.

"More than 77 percent of hospitals have been paid under the program, and registration for eligible providers continues at 75 percent. Three out of every four eligible hospitals have made a financial commitment to an electronic health record."
- Healthcare IT News

Anthony reported that the data through April show that 194,080 providers and 2,977 hospitals are meaningful users of EHRs.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) $14.6 Billion in MU Incentives Paid - www.HealthcareITnews.com, 06/06/2013

Healthcare Seeks Data Analytics Workers

2013-06-06T10:07:00.002-07:00

By 2018 the shortage of healthcare analytics workers could reach two million, according to a McKinsey & Co. study. This is reminiscent to the issues faced in other industries during the tech boom in the late '90s.

PwC's Healthcare IT Practice leader Daniel Garrett notes "fifty to sixty percent of CEOs say they're concerned that they don't have the skills required to execute the strategy that they just created."

"The competition for workers with high-tech analytics skills has ... accelerated partly because of new ... patient-monitoring requirements for hospitals, doctors and physician groups under the Affordable Care Act, also known as Obamacare."
- Bertha Coombs, CNBC reporter

To cope with the shortage of data analytics workers healthcare organizations are utilizing low-cost on-demand SaaS analytics services to meet their needs for intelligence from their clinical and business data.

Learn how Veriphyr Identity and Access Intelligence delivers clinical and business insights - with no hardware and no on-site software.

Sources:
(a) Filling the Skills Gap: Health Care Looks for More Data Workers - www.cnbc.com, 05/23/2013

10 Years in Prison for Patient Identity Thief

2013-06-05T08:18:00.002-07:00

A Montgomery Alabama woman, Rhashema Deramus has been sentenced to 10 years in prison for using Troy Regional Medical Center (TRMC) patient information to file fraudulent tax returns.

Ms. Deramus purchased the stolen identity information from Angeline Austin, who worked for a company that processed TRMC data; Ms. Austin was sentenced to 65 months in prison (we previously wrote about this case).

"Deramus and her associates stole 881 identities, including names, dates of birth and social security numbers, from TRMC and then used the stolen information to file tax returns."
- US Department of Justice

There is no indication that the medical center was aware that patients' privacy had been breached until law enforcement notified them as part of the tax fraud investigation. Rather than learn of breaches from law enforcement, organizations can now utilize low-cost on-demand SaaS analytics for proactive detection of data privacy breaches.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Woman involved in hospital identity theft sentenced to 10 years - www.PHIprivacy.net, 05/23/2013

Penalty Too Lenient in UK Medical Data Theft?

2013-06-04T09:37:00.001-07:00

Paul Hedges, a UK community fitness center health manager, stole medical information about 2471 clients to assist in establishing a business of his own. Prosecuted under the UK Data Protection Act, he was fined £3000, as well as a £15 victim surcharge and £1376 prosecution costs.

The consequences of this insider breach do not seem severe enough to a number of parties.

"Should a data controller have no responsibility for preventing an insider breach other than issuing login credentials to those authorized to access a database? What’s reasonable to expect of data controllers?." - PHIprivacy.net

For example, UK Information Commissioner Office's (ICO) Christopher Graham said “This case shows why there is a need for tough penalties to enforce the Data Protection Act. At very least, behavior of this kind should be recognized as a ‘recordable offense’ which it isn’t now. For the most serious cases the current ‘fine only’ regime will not deter and other options including the threat of prison should be available."

In the US such a case, according to PHIprivacy.net, would have “exceeding authorized access,” as well as criminal, charges, since this theft of sensitive information was for financial gain. What is your opinion? Do you agree with the ICO that financial penalties only will not deter data thefts?

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) UK: Man made redundant fined for stealing sensitive information - www.PHIprivacy.net, 05/23/2013

Bank Teller Identity Theft

2013-06-03T09:25:00.000-07:00

A Philadelphia bank teller accessed customers' accounts to obtain information such as social security number, date of birth. He then sold the information which was used to create counterfeit checks, payable to victims and cashed using the stolen identity information.

The fraud loss for this scheme is estimated to be over a quarter of a million dollars.

"Jewell-Wright obtained the addresses, Social Security numbers, and account bank balances for some of Wachovia’s customers which he then sold." - Private Officer News

Of course bank tellers must have access to customer accounts in order to do their jobs, but determining if access activity is appropriate is critical for uncovering fraud. There are now low-cost on-demand SaaS analytics that can detect inappropriate access to customer data, even by authorized users.

Download a white paper on customer data privacy breach detection. Learn how to proactively identify unauthorized breaches of customer data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Philadelphia Bank Teller’s Theft from Customer Accounts Leads to Criminal Charges - Private Officer News, 06/02/2013

Privacy Breach by Nurse: Court Date Set

2013-05-31T06:04:00.000-07:00

We previously reported that a nurse at Eastern Health in Newfoundland and Labrador, Canada, was charged with inappropriately accessing over 100 patient records.

The nurse's attorney has entered a not guilty plea and a court trial date has been set for September 2013.

"A former Eastern Health employee has pleaded not guilty to unlawfully obtaining health information...A September 2013 trial date has been set." - PHIprivacy.net

An investigation into the nurse's activities was initiated after a patient complained that someone knew too much about their medical information.

The hospital said they now routinely audit who is accessing patient records. Such auditing can now be accomplished easily with low-cost, on-demand SaaS privacy breach detection analytics.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Court Date Set for Nurse Involved in Privacy Breach - PHIprivacy.net, 05/23/2013

NYPD Officer Arrested: Unauthorized PII Access

2013-05-30T09:56:00.001-07:00

NYPD Detective Edwin Vargas was arrested for accessing, without authorization, the National Crime Information Center (NCIC) database, a federal database, to obtain information about at least two NYPD officers.

"Detective Vargas ... illegally obtained information about two officers from a federal database to which he had access based on his status as an NYPD detective." - Manhattan U.S. Attorney, Preet Bharara

Regarding Vargas' inappropriate access to fellow officer information, FBI Assistant Director in Charge George Venizelos said, "the defendant didn’t need to pay anyone to gain access to the NCIC database. But access is not authorization, and he had no authorization.”

The challenge of detecting unauthorized data access by authorized users is easily addressed proactively, or forensically, with low-cost, on-demand SaaS data breach detection analytics.

Download a white paper on data privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) NYPD Detective Charged with Hacking - Office of Inadequate Security, 05/21/2013

Love Triangle ID Theft, Police Chief Arrested

2013-05-29T08:24:00.002-07:00

The Stockton Illinois Chief of Police, Robert Beeter, was arrested and charged with identity theft that occurred when he was deputy chief of the Elgin Illinois Police Department. The charges stem from an extra-marital affair that involved Beeter and two other Elgin officers, who eventually divorced.

During divorce proceedings information, thought to be confidential, was disclosed. The party whose private information was revealed asked the state attorney general and the Elgin police to investigate Beeter. The investigation uncovered Beeter's inappropriate access of police data systems.

"Beeter used the Law Enforcement Agencies Data System to gain information on a specific individual for his personal use." - WTVO Channel 17 News

Organizations can proactively detect inappropriate access to data, even by authorized users, with low-cost, on-demand SaaS analytics services.

Download a white paper on data privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Stockton Police Chief Arrested for Identity Theft Stemming from Love Triangle - MyStateLine.com, 05/22/2013

More Tax Fraud Using Stolen Medical Records

2013-05-28T08:18:00.002-07:00

A nursing aide has been accused of stealing identity information belonging to patients at a Winter Haven Florida nursing home.

"Investigators found personal information and names belonging to more than 100 people who lived at the nursing home."
- 10 News, WTSP.COM

Law enforcement officials say Portia Charlton used the stolen information to file false tax returns; she has received close to $70,000 from the IRS.

It is unclear if the identity thefts were first discovered by the nursing home or law enforcement.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Nursing Assistant Portia Charlton Accused of Stealing IDs from Residents at Nursing Home, Filing False Tax Returns - WTSP.com, 05/27/2013

Nurse Texts Private Info, But Doctor Sued

2013-05-24T07:59:00.000-07:00

A man sought treatment for a sexually transmitted disease at a clinic. A nurse at the clinic texted messages to the patient’s girlfriend, who was the nurse’s sister-in-law, about his condition.

The nurse was fired for her actions but the man sued the clinic for breach of fiduciary duty to maintain the confidentiality of his personal health information. The case is progressing through the courts and is being watched closely by the medical and legal communities.

"If the court does find there is an actionable right directly against a medical facility for the disclosure of medical information by a nonphysician, that would have huge implications throughout New York state and throughout the country."
- T. Andrew Brown, Plaintiff's Attorney

Legal experts such as attorney Brad M. Rostolsky say this case is a reminder to physician practices and medical offices to educate employees properly about privacy regulations and ensure that they know the consequences of such breaches.

ProAssurance, a medical liability carrier, recommends "all employees sign a confidentiality agreement as a condition of employment and again at the time of their performance evaluations. Supervisors should actively monitor for staff violations and discipline violators in a consistent manner."

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Staff slipups on patient privacy can get doctors sued - American Medical News, 04/22/2013

Medical Record Worth $55

2013-05-23T18:10:00.000-07:00

Dr. Deborah Peel, Founder, Patient Privacy Rights, and Marc Rotenberg, Executive Director, Electronic Privacy Information Center, discussed privacy concerns over patient information on The Willis Report, Fox Business News. You can view the entire interview here; it is particularly interesting starting at 5:36.

"Medical records can be purchased for from $14 - $55."
- Dr. Deborah Peel, Founder, Patient Privacy Rights

Dr. Peel pointed out that a person's medical record is now the most valuable information, and a targeted for identity thieves. Mr. Rotenberg noted that all companies need stronger protections in place as they currently run a high risk for privacy data breaches.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) How Private Are Your Medical Records? - The Willis Report, 05/20/2013

Officer Snoops Police Database on Ex-Wife, Her Boyfriend

2013-05-22T09:02:00.000-07:00

In addition to inappropriately accessing personal data on his ex-wife and her boyfriend, Clearwater Florida police commander Crean used a law enforcement database for "questionable purposes" more than 100 times.

Over two years, sometimes while off duty, Crean snooped in the drivers license database, which contains social security numbers, dates of birth, addresses and photographs. He is being disciplined for obtaining information about people unconnected to his law enforcement work.

"Investigators found that Crean disproportionately sought information about women between the ages of 24 and 33." - Tampa Bay Times

It can be difficult to detect snooping by people who are authorized to use a database, but there are now low-cost on-demand SaaS services that easily reveal such inappropriate activity so that it can be dealt with rapidly.

Download a white paper on data privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Clearwater officer to be disciplined for improper use of database - Tampa Bay Times,05/17/2013

Health IT Spending: Drivers Beyond Meaningful Use

2013-05-21T05:14:00.000-07:00

BCC Research recently predicted total spending on clinical health IT will soar to $26.1 billion a year in five years, up from $9.5 in 2011 and $11.2 in 2012. The high growth rate beyond 2015 reflects unmet demand for EHR systems, but that's only part of the story.

Presbyterian Intercommunity Hospital, a 409-bed Whittier, CA facility, gives us an example of what's next in health information technology spending. PIH has met government requirements for meaningful use and will do so for electronic health records in 2014. So they're turning their attention to a data warehouse for patient records which will allow for better management of the overall health of their patient population.

"Everybody assumes that when meaningful use is over, the bubble will pop, but there are a lot of other things driving growth. Accountable care organizations, there are about 200 right now (and) that's going to grow.."
- Jeffrey Loo, Analyst, S&P Capital IQ

Leveraging vast amounts of clinical, operational and financial data will be critical for health entities to successfully participate in accountable care organizations and meet various regulatory requirements. Big data analytics, in particular the new area of Identity and Access Intelligence (IAI), offer low-cost on-demand SaaS services to meet the unique needs of the healthcare industry.

Learn how Veriphyr Identity and Access Intelligence delivers business and clinical insights - with no hardware and no on-site software.

Sources:
(a) Riding the Wave - www.modernhealthcare.com, 05/20/2013

Patient Identities Breached in Indiana

2013-05-20T06:29:00.002-07:00

About 180 patients of an Indiana healthcare provider have been notified about possible compromise of their identity information.

One of the provider's employees accessed computerized records and may have taken information such as social security numbers, dates of birth and credit card numbers.

"Since they didn’t say anything about technical safeguards, the assumption can be made that there were none in place.."
-Health IT Security

The healthcare organization was alerted to the possible identity thefts by law enforcement, not apparently from internal safeguards.

Organizations can avoid learning from third parties about such breaches, even by authorized users, by utilizing new low-cost on-demand SaaS proactive breach detection services.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Community Health Sends Patients Data Breach Notifications - www.healthitsecurity.com, 05/17/2013

EMRs: Balancing Access with Patient Privacy

2013-05-17T10:50:00.002-07:00

Robert Wah, MD, Chief Medical Officer for CSC Global Health organization, says it's critical that healthcare professionals keep in mind patients' privacy concerns.

Dr. Wah believes patients will become more accepting of EHRs as they experience the benefits of having such information as their past medical history, medications, allergies, etc. available to their various healthcare providers.

"Patients recognize if their health information were to be exposed or distributed inappropriately, it’s a bell you cannot un-ring."
- Robert Wah, MD, CSC, chief medical officer and medical director for the CSC Global Healthcare organization

However, Wah emphasized that best practices, including technology, be employed to protect data, which will contribute to patients being more comfortable with having their health information in electronic format.

Once such new technology, for proactive privacy breach detection, is low-cost on-demand SaaS service.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) EMRs: Balancing Improved Access with Patient Privacy Concerns - www.amnhealthcare.com, 03/26/2013

Halamka, Hoyt: EHRs Benefiting Patients

2013-05-16T12:31:00.001-07:00

John D. Halamka, CIO of Beth Israel Deaconess Medical Center, and John P. Hoyt, EVP of HIMSS Analytics, have seen what health IT can and will accomplish and are asking Congress to consider the "many positives of health IT" as reduced ACA-related spending is discussed.

Halamka and Hoyt point out that without health IT investment healthcare transformation is impossible and enumerate the elements to calculate the full value of health IT.

"Congress needs to consider the positives of health IT when considering reductions in ACA-related spending, especially as it comes to widespread use of EHRs. Change obviously has immediate costs, but investments in updated technology now will improve patient care in the long run." - John Halamka and John Hoyt

They note that electronic medical record (EHR) systems are helping to rein in costs and improve quality and safety of patient care.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Don't Forget Electronic Health Records Are Benefiting Patients - www.ihealthbeat.org, 05/15/2013

Pharmacists Adequatedly Protecting Patient Privacy?

2013-05-15T09:33:00.001-07:00

An excellent review by Melinda C. Joyce, about steps pharmacy departments can take to protect patient privacy, was published on the American Pharmacists Association website.

Dr. Joyce first traces the history of HIPAA compliance and how it has become incorporated into pharmacy practice since the act's beginning in 1996.

"Conducting patient privacy checks may help monitor what’s happening in the pharmacy and identify potential issues. Review pharmacy staff members’ electronic access and ensure that it’s appropriate."
- Melinda C. Joyce, PharmD, FAPhA, FACHE Pharmacy Today Health-System Editor, Vice President, Corporate Support Services, Medical Center Bowling Green, KY

She highlights the importance not only of limiting access to patient data but that "managers and department directors must keep close tabs on who has what access." Dr. Joyce reminds readers that "over time, people, jobs, and functions can change, and to make sure that access changes as well."

Following Dr. Joyce's recommendations of access compliance and attestation as well as breach detection will contribute to pharmacy departments' protecting patient privacy. Such recommendations are now easier to accomplish with low-cost on-demand SaaS services.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Patient Privacy and Sleepless Nights - www.pharmacist.com, 05/01/2013

Health IT Market: $56.7 Billion by 2017

2013-05-14T09:53:00.002-07:00

A report by research firm MarketsandMarkets, published in Clinical Innovation & Technology, the global health IT market will grow to $56.7 billion by 2017.

While the US and Canada is estimated to account for the largest share of the market, Asia-Pacific will have the steepest growth owing to the region's rapid adoption of health IT systems. In part the outside North America growth will be driven by medical tourism as patients seek lower cost care.

"The global healthcare IT market is estimated to grow at a CAGR of 7.0% to reach $ 56.7 billion by 2017 from $40.4 billion in 2012 due to the significant demand for clinical information technology, administrative solutions and services."
- Markets and Markets, Research Firm

In North America factors contributing to growth include "government investment/incentives, increased patient engagement, higher demand for integrated health IT systems."

As health IT systems proliferate so do opportunities for privacy breaches. Proactive privacy breach detection can now be accomplished with low-cost on-demand SaaS services.

Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.

Sources:
(a) Global Health IT Market Poised to Reach 56.7 Billion by 2017 - iHealthBeat.com, 05/13/2013
(b) Healthcare IT Market By Application [Provider IT (EMR, PACS, CPOE, RIS, CDSS, RCM, Claims Management, Payroll), Payer IT (CRM, Fraud Detection)], Delivery Mode (On-Premises, Web-Based Services & Cloud Computing) & Component – Global Forecasts to 2017 - Markets and Markets, May 2013