Giva Blog
Help Desk, Customer Service, Cloud & Security Insights, with a Side of Altruism!

HIPAA Safeguards

HIPAA Data Security & Data Breaches

In being just a little over halfway through 2015, still, this year's Identity Theft Resource Center (ITRC) Data Breach Report reveals that 424 data breaches have already occurred as of July 14. This partial year's breaches have exposed more sensitive customer information than last year's breaches. Now is certainly a prime time for companies to review their security measures they take to prevent being the victim data breaches.

[Read More]

Healthcare Data Breaches on the Rise

Healthcare Data Protection

Since the start of the year, over 92 million medical records have been affected by breaches of the healthcare industry. According to recent news in Forbes, these breaches can affect customers both financially and in a more personal way with the private medical history involved making them more vulnerable. The fraudster could actually receive medical treatment under the victim's identity in the end putting the victim at risk of later receiving wrong medical service based on someone else's health information. The possibilities of complications stemming from these breaches are endless.

According to the article, it used to be that the top cause for patient data loss was an employee losing a device or having it stolen, but more recently the medical information is being obtained through cyber attacks on major medical organizations including Anthem, Premera and Carefirst. Because financial services and retailers have become savvier about protecting customer data the cyber criminals are now targeting the healthcare industry. "In a recent FBI presentation, Kam [Rick Kam, president and cofounder of ID Experts] says that the agency said that it had seen health insurance information fetching a price of $60-$70 on the black market as opposed to less than a dollar for a Social Security Number." This should propel all of the healthcare industry to do all they can to make the protection of their customers' private information a top priority.

Giva's cloud software rises above the rest by being HIPAA compliant. For more in depth information on this very important benefit , please see 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Job Loss From Data Breach

Data Breach

With new technology comes new dangers. Data breaches are a crippling threat to businesses nationwide for multiple reasons: business security has failed its customers and their information is unsafe (whether it be financial or medical), companies lose money when it is time to repay or monitor its customers by hiring third parties, and employees actually suffer job loss from these devastating breaches.

The Identity Theft Resource Center's Data Breach Reports defines a breach as "an incident in which an individual name plus a Social Security number, driver's license number, medical record or financial record (credit/debit cards included) is potentially put at risk because of exposure. This exposure can occur either electronically or in paper format." As of December 16th, the ITRC recorded 744 breaches with over 81 million informational records compromised. Big businesses such as Home Depot, Target, Michael's, Neiman Marcus, and Bebe are victims of data breaches.

Firstly, data breaches can cause massive monetary damage. Elizabeth Weise from USA Today says, "Companies need [breach insurance] because they have to pay up when their customers get hit." The average monetary loss is $188.00 per customer hacked, which the company is required to pay back. Even a small business of 1,000 customers is then required to pay $188,000. Breach insurance can be expensive, but so can being the victim of a cyber attack.

Insurance and monetary compensation are possible solutions. However, most people do not realize the effects of security breaches on those in charge of business security. Data attacks can result in job loss. These job losses include Beth Jacob, CIO of Target; Maricopa County Community College District director, Miguel Corzo; head of Utah's Department of Health's technology department, Stephen Fletcher; and an Accretive Health employee responsible for the loss of an unencrypted laptop filled with sensitive healthcare information on over 23,000 patients.

When it comes to data breaches, there seems to be a greater margin of job penalty in the field of healthcare. Aside from the few mentioned above, Goold Health Systems fired an employee this year for downloading patient information onto a USB drive and then losing it. Highmark, Inc. fired a mail room employee for an error which disclosed over 3,500 patients' Medicare information without authorization. Two Georgia Hospital employees were fired for improperly disposing of an unencrypted desktop including information on over 6,500 patients. Boston Medical Center fired a third-party vendor after realizing they had posted data from 15,000 patients to the website without password protection.

Whether via carelessness, accident, or the work of a hacker, customer information must be taken seriously, especially when it pertains to healthcare. The lack of security can result in job loss. This is not a new issue: in 2006, four healthcare employees of Providence Health Care were fired for the theft of 365,000 healthcare patients' medical records. Thankfully, a security vendor was hired, and patients could sign up for information restoration and monitoring.

However, the healthcare business demographic accounts for almost half of ITRC's recorded data breaches, with hacking as the cause for more than a third of these breaches. Healthcare records provide a wealth of information, making them a huge target for cyber attacks. Because of this, federal law and the Health Insurance Portability and Accountability Act (also known as HIPAA) require security methods such as encryption of medical data to ensure a company remains protected from a data breach.

Businesses are going to have to continue to be vigilant in implementing their security strategies.

With Giva, security is of the utmost importance.  This is why Giva is has worked to become HIPAA-compliant, with its cloud software complying with strict regulations, helping keep their healthcare - and all - customers' information safe.

Look for Hackers to Target Healthcare in 2015

Healthcare Data Hacking

Now more than ever, businesses need to be diligent about securing customer information. According to a recent news article, 2015 could be the "Year of the Healthcare Hack." Hackers could target both healthcare and insurance companies in order to secure customers personal information. The No. 2 U.S. health insurer, Anthem Inc., disclosed a breach of its database that has affected nearly 80 million records leading to investigations by state and local authorities. While in the past, cybercriminals have focused on the financial and retail sector; the new target is less-secure medical data. That being the case, many businesses are starting to focus more on security. According to research analyst Stephanie Balaouras at Forrester, "If your company execs are smart, they will make protecting customers' data and preserving their privacy one of their top business and social responsibilities in 2015." (Forrester)

With all the benefits of Healthcare Information Technology, the obstacle of cyber attacks must be addressed as well. Many businesses have prospered because of HIT and will continue to do so in the future.  However, being proactive in addressing this security issue must be a priority for all businesses in 2015 in order to secure customer information. The Reuters article above mentions that "UnitedHealth Group Inc. and Aetna Inc. have been warning investors about the risks of cyber crime since 2011." Warning investors is important; preventing hackers from stealing customer information is paramount. In meeting the strict HIPAA compliance regulations for cyber security, Giva can be the answer to businesses concerned about this problem. For more information read 7 Key elements of Giva's HIPPA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Value in Healthcare Information Technology (HIT)

Healthcare Information Technology

In a digitized world, one of the greatest conveniences is health information technology (HIT). Considering nearly everyone in the US is a consumer of healthcare, there are numerous benefits to adopting electronic health records. The evidence report, Costs and Benefits of Health Information Technology, outlines a few. Health information technology is a means of electronically storing, recording, accessing, or transferring a patient's medical records. This includes health and medical history. Not only is this paperless and perhaps more reliable, but it allows for "clinical decision-making and disease management." It also allows for prescription filling, test ordering, and care reminding. For example, the system can provide alerts for necessary patient vaccinations or send a prescription to be filled at a pharmacy convenient to the patient. Overall, health information technology improves the efficiency of healthcare - a highly profitable, nationwide business.

However, adopting HIT is costly and requires change in the organization. It is considered an investment, but perhaps a necessary investment in terms of economic advancement. In non-financially focused studies concerning adoption of HIT, areas of improvement included increased productivity by the healthcare provider, improved patient safety and, subsequently, fewer adverse drug events (ADE) and time spent in hospitals to treat ADEs, and better physician decision-making. For example, the ability to reduce the "ordering of redundant clinical laboratory tests could produce an annual savings of $35,000 in laboratory charges." It is economically beneficial to improve the efficiency of healthcare.

In a day and age where nearly everything is digitized, it is only fitting a business as widely used as healthcare should follow suit. Adopting health information technology will improve provider efficiency while increasing consumer centeredness. Electronic health records are more personalized, more organized and more efficient. Although implementation of HIT is an expensive adjustment, benefits for both provider and consumer are apparent. Healthcare efficiency is important to society as a whole.

With efficiency of digital access to healthcare records comes the necessity of increased data security measures. The Federal Health Insurance Portability and Accountability Act of 1996, known as HIPAA, was passed to establish a national framework for security standards and protection of confidentiality with regard to health care data and information. Fortunately, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. See 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Are You HIPAA Compliant? - The Rise of Healthcare Data Breaches

A recent report by the Identity Theft Resource Center should heighten the level of concern of a number of healthcare companies. According to statistics compiled in 2013, the healthcare sector now accounts for 43.8% of total reported data breaches. That is the most of any sector. The reason is likely two-fold. First, the healthcare industry is subject to some of the strictest reporting requirements in the U.S. economy. These strict regulations force healthcare companies to publicly report information on all large data breaches. Second, hackers are increasingly recognizing healthcare companies as a valuable source of personal information. Hacking accounted for over a quarter of reported data breaches in 2013. Healthcare companies must become more aware of these external threats.

The Health Insurance Portability and Accountability Act (HIPAA) along with other federal requirements make strict security measures and data encryption methods a necessity for healthcare companies. Failure to implement these standards leaves these companies vulnerable to an attack. Companies are subject to federal punishments if a data breach occurs due to relaxed security measures. These include large fines and financial penalties. Given that the healthcare industry is now a popular victim of hackers, healthcare companies cannot afford to assume their security measures are sufficient.

Thankfully, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. For more information visit 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Are You HIPAA Compliant? - Healthcare Information Safety

A recent report from the Washington Post offered some sobering news about the safety of information in the healthcare industry. According to the United States Department of Health and Human Services (HHS) 3.6 million patient records have been stolen from health firms via hackers since 2009. This statistic does not include the most recent hacking of Community Health Systems which lost 4.5 million records to a group of Chinese hackers earlier this year. Large data breaches are not the only concern. In 2012, HHS received 21,194 reports of small data breaches from healthcare companies.

Healthcare companies should be wary. According to a 2013 study conducted by the Healthcare Information and Management Systems Society only 69% of health security professionals said their company had established a data breach plan. The organization concluded that the healthcare industry has only reached an "average level of maturity" on security issues. This statement should be concerning to healthcare companies. Strict regulations in the Health Insurance Portability and Accountability Act (HIPAA) and further provisions tied to the 2009 stimulus require healthcare companies to comply with firm security measures. Companies that fail to comply with these measures and are subject to a data breach face many severe consequences. Large financial penalties are in place and companies often suffer backlash.

Fortunately, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. For more information visit 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

Are You HIPAA Compliant?

Earlier this year medical records of 4.5 million patients were stolen from Community Health Systems (CHS) by a sophisticated group of Chinese hackers. According to the Washington Post the names, birth dates, telephone numbers, and social security numbers of patients were copied and transferred from the company's systems. This information has been protected under the Health Insurance Portability and Accountability Act (HIPPA) for the last decade. As required by federal law CHS notified all impacted patients and provided them with free identity theft services. The company’s liability insurance was expected to absorb the major financial impacts of the data breach. Their mandated Security and Exchange Commission Filing stating the consequences of the breach was published on August 18 and can be found here.The Health Insurance Portability and Accountability Act requires all companies contributing to healthcare services to protect patient’s personal health records with strict security and data encryption measures. Companies that suffer a data breach due to relaxed security measures can be found in violation of federal law. Penalties are strict. Significant fines that can jeopardize a company's financial standing and reputation are charged per incident. According to the FBI, the digitization of medical records has encouraged hackers to increasingly target healthcare companies. Strong security measures that align with strict HIPAA regulations are now required of all healthcare providers.

Fortunately, Giva makes HIPAA compliance very easy for our customers. The data center, hardware and software infrastructure of Giva's cloud help desk & customer service software meet the very strict HIPAA compliance regulations. Click on: 7 Key Elements of Giva's HIPAA-Compliant Cloud Help Desk Software for Electronic Health & Medical Records.

 

Newer Entires     1   2   3   4