There have been 502 reportable data breaches since 2009, affecting 21.2 million individuals; over 91 breaches affecting 2.06 million individuals have occurred in 2012 alone. Healthcare data breaches went up 32% from 2010-2011 costing the industry over $4.2 billion per year.
At the American Hospital Association Company seminar on how to manage data breaches, experts gathered to discuss security, compliance, best practices and how to gain support from the board and executives of maintain a culture of privacy.
The following 4 best practices were the key takeaways from the seminar:
- Encryption – particularly important given the high adoption rate of BYOD on healthcare
- Prepare for a breach – a panelist calls a breach ‘inevitable’ for all organizations, so having a tested plan is key
- Assess annually – budget and plan to reassess privacy and security compliance every year
- Find and close gaps – prove that your organization is being proactive to protect patient privacy
As commenters have also noted, it also shouldn’t be overlooked that training needs to continually re-enforce the importance of maintaining patient privacy in training programs and procedures.