Companies in various industries around the world are currently on the path to modernizing their IT systems, with many choosing to store data online. However, when organizations in highly regulated sectors like healthcare choose to do so, data security must be a priority.
According to an Associated Press report, a recent incident where the health information of about 300,000 Californians was exposed showed how vulnerable data stored online can be.
“When things go wrong, they can really go wrong,” Beth Givens, director of the nonprofit Privacy Rights Clearinghouse, which tracks data breaches, told the AP. “Even the most well-designed systems are not safe. … This case is a good example of how the human element is the weakest link.”
It was found that Southern California Medical-Legal Consultants, a firm that seeks payments for workers' compensation claims on behalf of healthcare providers, accidentally put the information on a public website. It was originally believed the information could only be viewed by members of the organization.
Earlier this month, a data breach affected more than 4,500 patients of Saint Barnabas Medical Center in Livingston, New Jersey, and Newark Beth Israel Medical Center in Newark. The information was misplaced by a company that was contracted by the U.S. Department of Health and Human Services to audit compliance with the Health Information Portability and Accountability Act.
Fortunately, St. Barnabas said, the lost information did not include addresses, Social Security numbers, personal identification numbers, dates of birth or financial information. Still, such an incident can carry serious ramifications for a healthcare provider.