Tuesday, October 08, 2013
Healthcare provider experiences data breach due to unsecured email
A North Carolina-based healthcare system was forced to notify patients of a data breach caused by an employee's use of unsecured email.
Information sharing is a critical consideration for any healthcare provider. Doctors, nurses and other care providers cannot adequately treat their patients without access to essential data. This is one of the reasons why the rise of electronic health records (EHRs) is widely seen as a major development in the realm of healthcare.
However, there is a downside to this trend, and that is the fact that as health-related data becomes more readily available to industry professionals, the risk of a data breach or exposure also rises. Only by utilizing extremely reliable, advanced secure file sharing tools can organizations optimize collaboration without putting sensitive information at risk.
The consequences of insufficient data protection measures were recently put on display, as a North Carolina-based healthcare system was forced to notify patients of a data breach caused by an employee's use of unsecured email.
The data breach was discovered during a routine audit conducted in August. It occurred because an employee sent an unsecured email which contained a variety of sensitive data for more than 1,300 patients. Among the information included in this email were names, addresses, dates of birth, diagnoses, medications and insurance companies.
The healthcare provider insisted in a statement that there is no reason to believe that this email was viewed by unauthorized personnel. However, the organization has informed the concerned patients of the potential breach nonetheless in order to comply with relevant U.S. Department of Health and Human Services regulations.
The healthcare provider indicated that it will institute new processes and provide additional training to emphasize the importance of best practices when it comes to data security for staff members.
Better email needed
This incident highlights the need for high-quality, secure email solutions for organizations in the healthcare sector. Without such tools in place, healthcare professionals will inevitably turn to less reliable options, such as consumer-grade email solutions. While fine for personal use, such resources are simply not secure enough to handle such highly sensitive data as patients' health information.
By providing workers with a high-grade, secure email solution, healthcare providers can enable effective collaboration among workers without putting patient data at risk of loss, theft or exposure, thereby assuring compliance without compromising effectiveness or productivity.