Balancing Data Security and Customer Convenience

January 9th, 2015

Did you know that patient health records can fetch up to $1,300 each on the black market? A treasure-trove of personal information, patient records are among today’s most sought after cyber targets. Last summer alone, over 5,000,000 patients had their personal data compromised.

The natural response to this sort of unpleasant news is to hide your data behind multiple layers of data security, and to make every last byte of data as hard for hackers to find as possible. But there’s an obstacle already— your patients expect and demand quick and easy access to their information, no matter where they are (that’s what the “portability” in HIPAA stands for).

What you are now faced with is the task of balancing data security and data accessibility. You must keep your patients’ data secure while still giving them the access that they demand. Patients are indeed viewing their data from a lot of different outlets. Wearable technology, mobile apps, desktop web browsers, you name it; a large fraction of your patient base is accessing their personal information through it.

Here are a few ways to walk the line between privacy and convenience:

  1. Stay vigilant. Always have an eye on your records, and ensure that there is no suspicious activity. Quickly follow up on strange occurrences, such as a record being accessed from an unusual location. Hiring information technology personnel that specialize in data security goes a long way towards ensuring that patient data remains in the right hands. We have software which can monitor each file’s permissions, and make note of each attept to access it.
  2. Know your data and stay on top of permissions. Know which records you own, and keep an inventory of everything that collects data. This includes keeping your business associate agreements up-to-date and providing the least-necessary permissions to your staff. Again, an IT professional will be a huge help in this area.
  3. Train your staff on HIPAA privacy AND security. We find that most medical staff are well trained on one or the other, rarely both. Regular training for existing staff and all new hires is absolutely a must.

When consumer preferences are distilled, it becomes clear that they value the security of their data far more than accessibility. Here is a breakdown of preferences when it comes to personal medical information.

  • Medical tests and imaging results. 71% believe that the security of this data is more important than its accessibility.
  • Doctors' notes and diagnoses. 73% preferred security to convenience.
  • Drug prescription information. 65% valued the security of this information over ease of access.
  • Diet and exercise results. Interestingly, only 32% of people thought security was more important than convenience.

The takeaway here is that personal data is quite susceptible to attack and quite valuable once in a thief’s possession. It’s a high stakes game, and going forward, the balancing of privacy and convenience will become a more vital task than ever.

But don’t be discouraged. We can help. AGJ Systems has experience in healthcare information technology, and can offer advice and support to bolster your company’s data security.

We are the authority on the Gulf Coast when it comes to securing your patients data in accordance with industry standards.

Learn more about how AGJ can help you find the perfect balance of data security and accessibility.