Revenue Cycle Management
COVID-19
Reimbursement
Diabetes Awareness Month
Risk Management
Patient Retention
Staffing
Medical Economics® 100th Anniversary
Coding and documentation
Business of Endocrinology
Telehealth
Physicians Financial News
Cybersecurity
Cardiovascular Clinical Consult
Locum Tenens, brought to you by LocumLife®
Weight Management
Business of Women's Health
Practice Efficiency
Finance and Wealth
EHRs
Remote Patient Monitoring
Sponsored Webinars
Medical Technology
Billing and collections
Acute Pain Management
Exclusive Content
Value-based Care
Business of Pediatrics
Concierge Medicine 2.0 by Castle Connolly Private Health Partners
Practice Growth
Concierge Medicine
Business of Cardiology
Implementing the Topcon Ocular Telehealth Platform
Malpractice
Influenza
Sexual Health
Chronic Conditions
Technology
Legal and Policy
Money
Opinion
Vaccines
Practice Management
Patient Relations
Careers

Importance of an Information Security Strategy

January 20, 2012

Article

In a health care-related business, protection of the customer's data is paramount. Although the threat to digital assets has grown over the past five years, many companies don't understand how at risk they are or have no strategy in place.

In a health care-related business, protection of the customer’s data is paramount. Although the threat to digital assets has grown over the past five years, many companies don’t understand how at risk they are or have no strategy in place, according to an Accenture study in collaboration with the Ponemon Institute.

Although Accenture surveyed mid- and large-sized companies in “Traditional Approaches to Information Security are No Longer Sufficient,” small medical practices are at great risk as well. In fact, Kroll’s Cyber Security and Information Assurance reported that “small practice are more susceptible to security vulnerabilities," according to Amednews.com.

According to Accenture, a minority of companies — 12% — are doing a good job protecting their digital assets. These large- and mid-sized companies reported that the reason their security is probably lacking is because they don’t have the budget, according to 44%. This is of even more concern for small medical practices.

Companies that follow industry-leading practices — such as align security and business strategies, formally assess security and create an effective strategy that is updated regularly — have a lower incident of serious attacks and breaches.

In a medical practice, external attacks aren’t the only security concern. Breaches in security from systems failure or from employees are more likely, according to Accenture.

Employees could accidently compromise sensitive data by leaving a laptop unsecured in a public place, downloading infected files or sharing information with unauthorized parties. A breach of security for a medical practice could be disastrous given the sensitive nature of the information.

Typically a quarter of businesses have no security strategy, and those who don’t formally evaluate it. Thirty-five percent don’t measure the effectiveness of their security strategy, while 39% only informally measure it.

Last year there were three significant data breaches at health care organizations, which put 11 million patient records at risk, according to Amednews.com. And a breach can be very costly when it comes to notifying the patients and loss of income.

So the best defense is a good offense. By putting a strategy in place and regularly evaluating and updating it, medical practices can protect themselves and their patients from intentional or accidental security breaches.