• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

Patient Data Breaches Are Soaring … Do You Know Where Your Laptop Is?


Nearly two out of every five healthcare professionals reported a data security breach in 2009, up from just 13% the previous year, according to a recent survey. The majority of the breaches typically involve lost or stolen laptops and portable data-storage devices, and improperly discarded documents.

It’s 10 o’clock. Do you know where your laptop is?

Nearly two out of every five healthcare professionals reported a data security breach in 2009, up from 13% the previous year, according to a recent survey by the Healthcare Information and Management Systems Society. The security breaches occurred even though most of those surveyed said they are compliant with all laws and regulations related to privacy.

Although many providers surveyed said they have effective safeguards in place to monitor access to sensitive data, most of the breaches involved lost or stolen laptop computers, stolen computers or hard drives, or improperly discarded documents.

The problem is that many providers focus on compliance and ignore the financial impact of a data breach, the researchers said. Of the security breaches reported this year to the government’s Office for Civil Rights, which enforces HIPAA regulations, only two involved unauthorized access to data. The theft of unencrypted laptops or other portable data-storage devices accounted for 44% of the breaches.

The cost of a ignoring a privacy breach can be severe. One of the provisions of the 2009 federal stimulus program requires healthcare providers to post information about security breaches if a breach affects 10 or more patients. If a security breach affects 500 or more patients, practices must notify all affected patients, a local media outlet, and the Department of Health & Human Services. Fines for noncompliance start at $100 and can go as high as $1.5 million. (To learn more, read here.)

Encrypting a laptop or hard drive is a relatively inexpensive way to protect patient data.

The cost of encrypting a laptop is a minor expense compared to the cost of notifying patients of the breach, setting up free credit monitoring for them, and handling complaints and inquiries. In addition, a provider found guilty of willful neglect could face government fines of up to $1.5 million. Talk to your technology advisor or visit sites such as or for more information on data encryption.

Related Videos
Victor J. Dzau, MD, gives expert advice
Victor J. Dzau, MD, gives expert advice