Nearly all small healthcare organizations and practices responding to a recent survey said they've suffered some sort of data breach in the past year, the Ponemon Institute announced this week. Overall, 91 percent of responding facilities with 250 employees or less said they had suffered at least one data breach, with 23 percent of respondents saying that their organizations experienced at least one patient medical identity theft in that time span.
What's more, three-fourths of respondents said that organizations lacked sufficient funding to prevent such breaches; 48 percent, meanwhile, said that less than 10 percent of their organization's annual budget was used on data security.
Major factors for such breaches included negligent employees and an inability to meet compliance requirements, according to the study's authors. Mobile device use and social media activity were considered to be areas of particular vulnerability.
Ponemon Institute founder Larry Ponemon said that despite organizations indicating they were on the right track with regard to privacy, few in management at such facilities saw data security as a "top priority."
"Suprisingly, only 30 percent [of respondents] agree that they have adequate resources to ensure that privacy and data security requirements are met," he said.
John Glaser, Ph.D., CEO of Siemens Health Services, pointed out in a Hospitals & Health Networks post this week that health IT is more accessible today than ever. "The costs of technologies are decreasing, and remote management visa high performance networks means it is possible for the rural and community hospital to take advantage of enterprise-level HIT for a reasonable cost," Glaser said.
More than 700 practitioners participated in the Ponemon survey, which was sponsored by communications networking company MegaPath. A Ponemon survey released last fall determined that data security breaches cost the U.S. healthcare industry roughly $6.5 billion annually.
For more information:
- here's an announcement on the study
- download the report
- read the Hospitals & Health Networks post