With the ever-increasing presence of the internet in our daily lives, most of us know the importance of safeguarding our personal information. When it comes to personal health information, a study conducted by researchers at Michigan State University in East Lansing and Johns Hopkins University in Baltimore has found that hospitals, doctors’ offices, and insurance companies — not hackers or external parties — are responsible for most security breaches.
This study, published in JAMA Internal Medicine, follows up on earlier research examining the scope of hospital data breaches in the United States, which identified nearly 1,800 security issues involving patient information over a seven-year period. The Michigan State and Hopkins researchers reviewed about 1,150 breaches of personal health information involving more than 164 million patients; they determined that 53 percent of breaches resulted from internal factors within the health care agencies themselves.
About one-quarter of the health information breaches involved unauthorized access or disclosure in hospitals, provider offices, insurance companies, and pharmacies. Personnel in these places:
- Accessed personal health information without authorization
- Took personal health information home or forwarded it to a personal phone or computer
- Made email errors like sending personal health information to an incorrect email address or sharing unencrypted information
Sourced from: JAMA Internal Medicine