Data security must improve in the healthcare sector, pundits say
The need for electronic data security has apparently taken many healthcare organizations by surprise, as a study from PricewaterhouseCoopers found that a majority were not prepared for the task.
More than half - 55 percent - of healthcare providers responding to PwC's survey said they had not addressed mobile-specific privacy and security issues, with roughly the same percentage saying they had experienced a problem with privacy or information security in the previous 24 months.
"Most breaches are not the result of IT hackers, but rather reflect the increase in the risks of the knowledgeable insider related to identity theft and simple human error - loss of a computer or device, lack of knowledge or unintended unauthorized disclosure," said health information co-leader and director James Koenig.
Lax security policy and insufficient due diligence performed on IT outsourcing vendors are also contributing to this insecurity, the study found.
Regulatory standards and privacy laws, it must be remembered, are not suggestions. In addition to the direct consequences of a breach, companies found in violation should expect fines and sanctions from the government.