Study Says Paper Records is Most Common Type of Data Breach in Hospitals

Paper and film records are the most common location of data breaches in hospitals, according to a study published in The American Journal of Managed Care.

Researchers analyzed statistics on data breaches reported to the HHS Office of Civil Rights from 2009 to 2016, alongside hospital characteristics from the Health Information Management Systems Society and the American Hospital Association databases. All healthcare data breaches reported to the OCR affected more than 500 patients.

Hospitals comprised roughly one-third of all healthcare breaches, according to the study. Paper- and film-based records, rather than electronic records, comprised 65 percent of hospital data breaches. Network servers were the least common location of breached data, although their breaches affected the greatest number of patients.

The researchers determined a hospital's health IT sophistication and biometric security capabilities were not associated with decreased incidence of data breaches.

"Hospitals should conduct routine audits to allow them to see their vulnerabilities before a breach occurs," the study authors said. "Additionally, information security systems should be implemented concurrently with health information technologies. Improving access control and prioritizing patient privacy will be important steps in minimizing future breaches."

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.