In this past year’s Health and Human Services Department’s Report to Congress, it was noted that human error is in the leading factors for health information breaches. This annual report towards the U.S. Congress focused on was titled HHS’ Annual Report to Congress on Breaches of Unsecured Protected Health Info for Calendar Years 2009 and 2010. The report discovered that human error was the fourth main cause of information breaches. (a breach was noted as some thing that affected much more than 500 individuals). Hardware authentication is 1 method to steer clear of some of these problems.
The examples of theft of health care information are too many to note, but 1 hospital in had a laptop stolen, which basically exposed much more than 14,000 patients’ individual info to possible cyber criminals.
There are five steps that can be used to minimize the possibility of human error causing data breaches. The first step is to know the laws. All people responsible for securing health care data and those even remotely in contact with the data should understand federal and state laws regarding privacy and data breaches. As well, if the company is operating in multiple states, it is important to know those policies too.
Next, take the time to conduct an assessment of the risks and to locate the areas that are vulnerable. The risk assessment should decide what controls are in place and what controls could be implemented with regard to data protection standards, Hardware authentication could be utilized. Third, set up some policies that the staff and administration can follow to ensure that data is protected. Make certain all employees at all levels are aware of what must be done.
Fourth, the organization should take an assessment of employee understanding of data security policies. Getting a baseline understanding of what employees know and do will help to move the organization further toward 100% compliance and also help to secure data. This should be an ongoing process and everyone should be assessed.
Lastly, continually function via every with the actions above to continue to refine and hone the security with the information that comes into the hands of workers. Continuously train them and add new innovative goods or use techniques like hardware authentication to remain on leading of regulations and compliance.
The examples of theft of health care information are too many to note, but 1 hospital in had a laptop stolen, which basically exposed much more than 14,000 patients’ individual info to possible cyber criminals.
There are five steps that can be used to minimize the possibility of human error causing data breaches. The first step is to know the laws. All people responsible for securing health care data and those even remotely in contact with the data should understand federal and state laws regarding privacy and data breaches. As well, if the company is operating in multiple states, it is important to know those policies too.
Next, take the time to conduct an assessment of the risks and to locate the areas that are vulnerable. The risk assessment should decide what controls are in place and what controls could be implemented with regard to data protection standards, Hardware authentication could be utilized. Third, set up some policies that the staff and administration can follow to ensure that data is protected. Make certain all employees at all levels are aware of what must be done.
Fourth, the organization should take an assessment of employee understanding of data security policies. Getting a baseline understanding of what employees know and do will help to move the organization further toward 100% compliance and also help to secure data. This should be an ongoing process and everyone should be assessed.
Lastly, continually function via every with the actions above to continue to refine and hone the security with the information that comes into the hands of workers. Continuously train them and add new innovative goods or use techniques like hardware authentication to remain on leading of regulations and compliance.
About the Author:
Oliver David contributes for Data Security Weekly and other publications on such matters as encrypted flash drives and a secure usb drive review.
No comments:
Post a Comment