Communication by feds, between providers necessary to improve state of patient privacy

With 2015 notable for its healthcare breaches, the Brookings Institution's Niam Yaraghi and a team of researchers recently set out to discern lessons learned from them.

In a new paper, they lay out the results of 22 in-depth interviews with healthcare providers, health insurance companies and industry business associates.

Among the factors behind the breaches, the authors note that:

  • Patient information is incredibly valuable for thieves. Much of it, such as Social Security numbers, dates of birth and home addresses cannot be changed if stolen.
  • Access to medical data is too broad.
  • Storage of medical data is ideal for thieves, as it oftentimes resides with mounds of other information.

To that end, Yaraghi and his colleagues recommend that providers make more of a concerted effort to focus on improving data privacy. They also urge better communication of audit details by the Department of Health and Human Services' Office for Civil Rights. Yaraghi previously criticized OCR's "Wall of Shame" as not really being useful.

In addition, they say that better communication among healthcare organizations is needed. Efforts are underway to better share security data through the HHS Cybersecurity Task Force and the beefing up of Information Sharing and Analysis Centers (ISACs).

To learn more:
- read the paper (.pdf)