Healthcare system is one of the most affected industries which are at a greater risk of data breaching through cyber intrusions resulting in breach of confidential information. The rise of data breaches in healthcare industry has aroused numerous concerns regards the security of patient information stored in electronic health records (EHRs). Electronic documentation and storage of confidential health information has triggered massive cyber-attacks and inadvertent loses of data. Increased data demand particularly in black markets has increased the vulnerability of private health information to both external and internal intruders. Due to this security concern, it is important for healthcare institutions to implement proper security measures that will guarantee security to patient’s sensitive information (Liu, Musen & Chou, 2015).
Significance of Data Breaches
Data breaches present a significant impact on both the patient and the healthcare organization. According to Agaku et al. (2014), breached health information costs the United States’ healthcare industry approximately $7 billion every year. Besides, breach of patient information rises their vulnerability to financial theft or medical identity due to disclosure of sensitive stored information. For instance, hacked information may be used maliciously to get medical treatment, goods or services which has serious economic and health impact on the affected patient. The false changes to medical history arising from intrusion of information by take time to be revealed. Thus, individuals who are victims of medical identity theft or data breaches may obtain inappropriate medical treatment because of changes made in their stored health information. Also, victims of data breaches may overuse their insurance benefits and fail to pass medical screening due to altered information as a result of data intrusion (Agaku et al. 2014).
Challenges in Safeguarding Confidential Health Information
Safeguarding confidential health information is becoming increasing difficult. With the emergency of new technology such as mobile devices, file sharing applications and cloud-based services, it is becoming challenging to guarantee total security to confidential patient information. Overreliance of these devices increases the vulnerability of protected confidential health information to malicious attacks. Additionally, overreliance of these technology by healthcare organizations increases the susceptibility of stealing or losing a significant amount of data (Luna et al. 2016). Thus, addressing the issue of data breaching in healthcare industry is of great importance.
Impact of Data Breaches
Health information system plays a critical role in delivery of patient-centered care. However, the use the use of healthcare information system leads to skyrocketing healthcare costs. Healthcare information system such as EHRs provides healthcare providers with instant access to patient information regardless of the location leading to continuity of care. Healthcare providers are in a position to access important patient information that helps them in providing emergency care or managing chronic conditions. From a patient’s perspective, health information system allows them to participate in planning their care and decision making. Besides, health information system provides the healthcare executive with opportunity to make strategic decisions upon identifying areas which require investment or concentration based on the available data.
However, malicious individuals particularly cybercriminals are after patient information stored in the healthcare system so that they can use their benefit which can be personal interest or for commercial gain. Security threats to confidential health information can originate from both external and internal source. The sources aim at both stealing or corrupting personalized health information (PHI) that in turn leads to problems for the patients, payers, and healthcare organization. The Health Insurance Portability and Accountability Act (HIPAA) requires health organizations to implement security measures that promote the protection of health information which considered sensitive and confidential.
Agaku, I.T., Addisa, A.O., Ayo-Yusuf, O.A., & Connolly, G.N. (2014). Concern about security and privacy, and perceived control over collection and use of health information are related to withholding of health information for healthcare providers. Journal of American Medical Informatics Association, 21(2), 374-378. doi: 10.1136/amiajnl-2013-002079
Liu, V., Musen, M.A., & Chou, T. (2015). Data breaches of protected health information in the United States. Journal of the American Medical Information Association, 313(14), 1471-1473. doi:10.1001/jama.2015.2252
Luna, R., Rhine, E., Myhra, M., Sullivan, R., & Kruse, C. S. (2016). Cyber threats to health information systems: A systematic review. Technology & Health Care, 24(1), 1-9. doi:10.3233/THC-151102