August 17, 2016

Cost of a Breach: Forensics and Notification

Continuing our Cost of a Breach series that examines and breaks down the cost of a hospital data breach, this week’s post will take a closer look at the first two steps a hospital or healthcare institution must take after a data breach has occurred: forensics and notification. In the aftermath of a data breach, the first thing a healthcare organization must do is determine what electronic health records (EHRs) were illegitimately accessed and who accessed them; this process is known as data forensics. Once the scope of the breach is known, an institution must then notify any affected patients and provide them with specific support services.

Continue Reading
August 9, 2016

July Healthcare Data Breaches Spike to 39, Some Going Undetected for Years

After a staggering 11 million patient records were breached in June, July's number of total records breached is back down to April’s levels, at 126,930 records (though nearly half of U.S. states had at least one healthcare data breach incident this month). New this month, we present an analysis of the amount of time a breach goes unreported, finding an average time lapse of two years, with as many as six years elapsing in one case.  

Continue Reading
August 1, 2016

Getting Schooled on Patient Privacy Analytics

Summer school is still in session! In an effort to help cure vendor fatigue, we’ve decided to put together a Privacy Analytics Primer to demystify all the similar-sounding solutions and phrases out there. We’re focusing on how compliance and security officers can ensure that EHR access is reviewed and patient privacy protected, per 45 CFR 164.308 and 45 CFR 164.312.* Our aim is to help you better determine which type of privacy program is right for your institution.

Continue Reading
July 27, 2016

Five Components of a Proactive Patient Privacy Analytics Platform

As more healthcare organizations switch from paper to electronic health records (EHRs), the ability of those organizations to secure electronic records becomes more and more important. And with threats becoming increasingly common and costly, healthcare organizations need to carefully consider how they are going to prevent security breaches and what key components are necessary in a security platform in order to counter attempts to steal their patients’ health data.

Continue Reading
July 20, 2016

Bringing the Cost of Healthcare Data Breaches Into Focus

The negative financial consequences of healthcare data breaches continue to worsen. Even a single healthcare data breach can easily end up costing millions of dollars in damages. Just last week, Oregon Health & Science University agreed to pay the Office of Civil Rights (OCR) $2.7 million for two data breaches in 2013 that involved more than 7,000 patients.  This is likely not the end of these costs for OHSU, as fines are only a single component of the significant and ongoing costs of a breach.  However, one of the challenges our C-Suite customers often face is quantifying the full financial impact of a breach, in order to prioritize privacy and security and make a business case to their board.  To this end, Protenus is launching a new series of blog posts to break down and clarify the financial costs of a healthcare data breach.

Continue Reading