Cox Smith Privacy / Data Security E-Alert
Recent Report Reveals "Significant Concerns" About Data Security Gaps
Amidst the federal government's push for increased use of electronic medical records, an internal report released yesterday by the Department of Health and Human Services revealed "significant concerns" about security gaps in systems across the country. In an audit of seven large hospitals in several states, the Office of Inspector General discovered "151 major vulnerabilities, including unencrypted wireless connections, easy passwords, and even a taped-over door lock on a room used for data storage." The auditors classified 124 of the breaches as "high impact" meaning they are likely to result in costly losses, injury or death.
This internal report shines a spotlight on the necessity for all institutions using electronic systems to store sensitive data to routinely conduct their own analysis of the adequacy and effectiveness of their data security and to develop a response plan addressing identified gaps. Regular employee training, frequent self audits of current practices and vendor commitments, and consistent monitoring and updating of security compliance and breach response plans reduce the significant liabilities, embarrassment and mistrust that can result from security breaches.
Download the complete report.
This notice was authored by Shareholders Kathy Poppitt from Cox Smith’s Healthcare / Life Sciences Practice Group and Bart Huffman from Cox Smith's Privacy / Data Security Practice Group.