ONC's Joy Pritts on breach prevention: Encryption is key

Encryption is the single most essential technology to use for breach prevention, according to Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT.

Pritts, in a recent interview with Healthcare Info Security, said that encryption is "much more advanced" than it was five years ago, and necessary as patient privacy issues continue to persist.

"We still see the largest impact of breaches has been from lost and stolen technology," Pritts said. "[T]here really is not a good reason at this point, if you're purchasing new technology, not to make sure that you can encrypt it."

Even if devices are encrypted, though, Pritts said that providers and companies also need to ensure that safeguards are in place to prevent employees from snooping into patient's records.

Culture is one of the largest challenges to privacy in the healthcare sector today, according to Pritts, who said that many still see privacy and security as "barriers" to care delivery.

"We see privacy and security actually as being facilitators and that, when the message from the top is that privacy and security are good for the patient and good for business, we will see more of an attitude that these are things that organizations should be doing very willingly and will see the benefit to them and their patients," Pritts said.

Earlier this month, it was reported that the National Institute of Standards and Technology launched a formal review of its encryption processes. NIST data encryption standards currently are used in electronic healthcare data security and exchange.

To learn more:
- read the article in Healthcare IT Security

Related Articles:
5 ways ONC is demonstrating health IT progress
ONC wants you to comment on its updated strategic plan
HHS finalizes health IT safety plan
Todd Park: Patient engagement will 'vastly' improve healthcare
Beacon programs share patient engagement IT lessons learned