The healthcare system is one of the industries most affected by this, and it is at a greater risk of data breach through cyber intrusions, resulting in the breach of confidential information. The rise of data breaches in the healthcare industry has aroused numerous concerns regarding the security of patient information stored in electronic health records (EHRs). Electronic documentation and storage of confidential health information have triggered massive cyber-attacks and, inadvertently, loss of data. Increased data demand, particularly in black markets, has increased the vulnerability of private health information to both external and internal intruders. Due to this security concern, it is important for healthcare institutions to implement proper security measures that will guarantee the security of patients’ sensitive information (Liu, Musen & Chou, 2015).
Significance of Data Breaches
Data breaches present a significant impact on both the patient and the healthcare organization. According to Agaku et al. (2014), breached health information costs the United States healthcare industry approximately $7 billion every year. Besides, breach of patient information raises their vulnerability to financial theft or medical identity due to disclosure of sensitive stored information. For instance, hacked information may be used maliciously to get medical treatment, goods, or services, which has serious economic and health impacts on the affected patient. The false changes to medical history arising from the intrusion of information by take time to be revealed. Thus, individuals who are victims of medical identity theft or data breaches may obtain inappropriate medical treatment because of changes made in their stored health information. Also, victims of data breaches may overuse their insurance benefits and fail to pass medical screening due to altered information as a result of data intrusion (Agaku et al. 2014).
Challenges in Safeguarding Confidential Health Information
Safeguarding confidential health information is becoming increasingly difficult. With the emergence of new technology, such as mobile devices, file-sharing applications, and cloud-based services, it is becoming challenging to guarantee the total security of confidential patient information. Overreliance on these devices increases the vulnerability of protected confidential health information to malicious attacks. Additionally, healthcare organizations’ overreliance on this technology increases their susceptibility to stealing or losing a significant amount of data (Luna et al. 2016). Thus, addressing the issue of data breaches in the healthcare industry is of great importance.
Impact of Data Breaches
Health information system plays a critical role in the delivery of patient-centered care. However, the use of healthcare information systems leads to skyrocketing healthcare costs. Healthcare information systems such as EHRs provide healthcare providers instant access to patient information regardless of location, leading to continuity of care. Healthcare providers are in a position to access important patient information that helps them provide emergency care or manage chronic conditions. From a patient’s perspective, the health information system allows them to participate in planning their care and decision-making. Besides, the health information system provides the healthcare executive with the opportunity to make strategic decisions upon identifying areas that require investment or concentration based on the available data.
However, malicious individuals, particularly cybercriminals, are after patient information stored in the healthcare system so that they can use their benefit, which can be a personal interest or commercial gain. Security threats to confidential health information can originate from both external and internal sources. The sources aim at both stealing or corrupting personalized health information (PHI), which in turn leads to problems for the patients, payers, and healthcare organizations. The Health Insurance Portability and Accountability Act (HIPAA) requires health organizations to implement security measures that promote the protection of health information that is considered sensitive and confidential.
References
Agaku, I.T., Addisa, A.O., Ayo-Yusuf, O.A., & Connolly, G.N. (2014). Concerns about security and privacy and perceived control over the collection and use of health information are related to the withholding of health information for healthcare providers. Journal of American Medical Informatics Association, 21(2), 374-378. doi: 10.1136/amiajnl-2013-002079
Liu, V., Musen, M.A., & Chou, T. (2015). Data breaches of protected health information in the United States. Journal of the American Medical Information Association, 313(14), 1471-1473. doi:10.1001/jama.2015.2252
Luna, R., Rhine, E., Myhra, M., Sullivan, R., & Kruse, C. S. (2016). Cyber threats to health information systems: A systematic review. Technology & Health Care, 24(1), 1-9. doi:10.3233/THC-151102
Cite This Work
To export a reference to this article please select a referencing stye below: