Remote users often lax with health data protection

Thanks to mobility, cloud-based storage and web access to office databases, about two-thirds of working professionals have accessed "some type of sensitive data" outside of their offices within the last year, according to a "visual data breach" survey conducted by People Security on behalf of 3M. A good number of those had viewed health data remotely, opening up the possibility of significant HIPAA violations (though the report doesn't specifically mention HIPAA).

"A significant number of respondents surveyed have accessed personally identifiable information and protected health information outside of the office, with 26 percent accessing credit card numbers, 24 percent accessing Social Security numbers and 15 percent accessing medical information," the report says.

While organizations generally have done a good job with protecting data storage and transmission with technologies such as virtual private networks, disk encryption software and two-factor authentication, "visual privacy" of display screens generally is an afterthought. The report notes right on the cover page that 3M makes privacy filters for computers and mobile devices, so take that finding with a grain of salt.

Survey respondents generally indicated that convenience is more important to them than privacy when working outside the office. People Security conducted the survey at kiosks set up at an unspecified IT conference and observed that 26 percent of kiosk users accessed corporate email from the computers, which had been set up so the screens were "highly visible" to passersby. Only 35 percent of kiosk users chose screens with 3M privacy filters, the report says.

"This was in sharp contrast to the results of the survey, where 80 percent of respondents said that they would choose the privacy filter equipped machine in similar circumstances. This shows a significant gap between what people believe about privacy and how they actually behave," the report noted.

To learn more:
- take a look at this CMIO story
- read the full report (.pdf)

Suggested Articles

We take a look back at health insurers' financial performance, including soaring profits, in Q2.

Blue Shield of California is teaming up with Cricket Health to offer coordinated care to members with late-stage and end-stage renal disease.

Here's why analysts and industry leaders think the Teladoc-Livongo deal could significantly change the virtual care market and healthcare delivery.