SlideShare une entreprise Scribd logo

The Security of Electronic Health Information Survey

Télécharger en tant que PPT, PDF
loglogic
loglogic

A new study reveals that the push for Electronic Medical Records puts patient privacy at risk. The Ponemon Institute and LogLogic surveyed hospital security professionals and found that 70% say their senior management fails to prioritize privacy and data security.

TechnologieSanté & Médecine
1  sur  14
Page 1 The Security of Electronic Health Information Survey
Security of Electronic Health Information Sponsored by LogLogic Presented by Dr. Larry Ponemon Webinar: September 30, 2009
About the study • The purpose of the study is to determine from IT security practitioners in healthcare organizations how secure they believe electronic patient health records are – especially those records stored in databases.
The survey addressed the following topics • The adequacy of the organization’s approach to the security of health information. • Senior management’s views about the importance of securing health information. • How electronic health information is used by the organization. • The database applications that cause the most risk to health information and the difficulty in securing health information in databases. • Steps taken to secure health information in databases and their effectiveness. • The impact of compliance on the security of electronic health information.
How is the above electronic health information used by your organization? The top five uses 67% 60% 58% 54% 53% 0% 10% 20% 30% 40% 50% 60% 70% 80% Billing & payments Insurance verification Marketing & communications Patient relations Patient care (clinical)
What kinds of database applications cause the most risk to electronic health information? 1.9 2.5 1.6 0.0 0.5 1.0 1.5 2.0 2.5 3.0 Administrative applications such as patient scheduling systems Business applications such as billing and insurance processing Clinical applications such as physician notes, prescriptions or diagnostic reports Each bar represents the average ranking where 3 = highest risk and 1 = lowest risk.
How would you rate the effectiveness of the above mentioned data security measures you have in-place for securing electronic health information in databases? 19% 24% 25% 24% 9% 0% 5% 10% 15% 20% 25% 30% Very effective Effective Somew hat effective Not effective Unsure
How many of the above data breaches experienced by your organization involved electronic health information stored in a database? 33% 19% 16% 10% 8% 5% 9% 0% 5% 10% 15% 20% 25% 30% 35% More than 90% 75% to 90% 50% and 74% 25% and 49% 10 and 24% Less than 10% None
If your organization had a data breach involving the loss or theft of patient health information (say 1,000 or more records), what would this incident cost your company on a per lost record basis? 6% 9% 19% 30% 10% 3% 12% 0% 5% 10% 15% 20% 25% 30% 35% Less than $50 $50 to $100 $101 to $150 $151 to $200 $201 to $250 $251 to $300 More than $300 The extrapolated value of a data breach involving EPHI on a per compromised record basis is $211.
Page 10Page 10 Log & Security Management Helps … » Visibility – Broad Based Monitoring » Access to electronic healthcare records » Database activity monitoring » Creation/deletion of new user accounts » Assigning/changing access rights and privileges » Threat monitoring and incident response » Forensic analysis (immutable audit trail, electronic evidence)
Page 11Page 11 Log & Security Management Helps … » Control – Real-Time Prevention » Firewall and network policy (re)-configuration » Database firewall – real-time blocking of suspect transactions » Database security – virtual patch management
Page 12Page 12 CONNECTED HOSPITAL Employers Public Health Organizations Laboratories Pharmacies Connected Clinicians Social Services Clinics Emergency / First Responders Suppliers Government and Private Payers Home and Long-Term Care Hospitals Monitoring Allows You To “Trust But Verify”
Page 13Page 13 Read The Full Report! » You can view the entire webcast on demand at: http://www.loglogic.com/news/webcasts » A full copy of the report is available at: www.loglogic.com/resources/analyst-reports/ponemon- electronic-health-info-at-risk/
Page 14 Thank You! For more information or to schedule a demo contact us at: info@loglogic.com

Recommandé

Impact of Mismatched Patient Records Inforgraphic
Impact of Mismatched Patient Records InforgraphicImpact of Mismatched Patient Records Inforgraphic
Impact of Mismatched Patient Records InforgraphicTodd Winey
 
Fourth Annual Benchmark Study on Patient Privacy & Data Security
Fourth Annual Benchmark Study on Patient Privacy & Data SecurityFourth Annual Benchmark Study on Patient Privacy & Data Security
Fourth Annual Benchmark Study on Patient Privacy & Data Security- Mark - Fullbright
 
Fourth Annual Benchmark Study on Patient Privacy & Data Security
Fourth Annual Benchmark Study on Patient Privacy & Data SecurityFourth Annual Benchmark Study on Patient Privacy & Data Security
Fourth Annual Benchmark Study on Patient Privacy & Data Security- Mark - Fullbright
 
Healthcare2.0 Turning Hell care into healthcare
Healthcare2.0 Turning Hell care into healthcareHealthcare2.0 Turning Hell care into healthcare
Healthcare2.0 Turning Hell care into healthcareBetsy Bevilacqua
 
Journal Club Presentation Mb Rb
Journal Club Presentation Mb RbJournal Club Presentation Mb Rb
Journal Club Presentation Mb Rbmboufaida
 
2013 Benchmarks in Accountable Care
2013 Benchmarks in Accountable Care2013 Benchmarks in Accountable Care
2013 Benchmarks in Accountable CareHealthcare Intelligence Network
 
Healthcare Executives Lack Plan for Cybersecurity Threats
Healthcare Executives Lack Plan for Cybersecurity ThreatsHealthcare Executives Lack Plan for Cybersecurity Threats
Healthcare Executives Lack Plan for Cybersecurity ThreatsEtactics, Inc.
 
Third Annual Study on Patient Privacy
Third Annual Study on Patient PrivacyThird Annual Study on Patient Privacy
Third Annual Study on Patient Privacy- Mark - Fullbright
 

Recommandé

Impact of Mismatched Patient Records Inforgraphic
Impact of Mismatched Patient Records InforgraphicImpact of Mismatched Patient Records Inforgraphic
Impact of Mismatched Patient Records InforgraphicTodd Winey
 
Fourth Annual Benchmark Study on Patient Privacy & Data Security
Fourth Annual Benchmark Study on Patient Privacy & Data SecurityFourth Annual Benchmark Study on Patient Privacy & Data Security
Fourth Annual Benchmark Study on Patient Privacy & Data Security- Mark - Fullbright
 
Fourth Annual Benchmark Study on Patient Privacy & Data Security
Fourth Annual Benchmark Study on Patient Privacy & Data SecurityFourth Annual Benchmark Study on Patient Privacy & Data Security
Fourth Annual Benchmark Study on Patient Privacy & Data Security- Mark - Fullbright
 
Healthcare2.0 Turning Hell care into healthcare
Healthcare2.0 Turning Hell care into healthcareHealthcare2.0 Turning Hell care into healthcare
Healthcare2.0 Turning Hell care into healthcareBetsy Bevilacqua
 
Journal Club Presentation Mb Rb
Journal Club Presentation Mb RbJournal Club Presentation Mb Rb
Journal Club Presentation Mb Rbmboufaida
 
2013 Benchmarks in Accountable Care
2013 Benchmarks in Accountable Care2013 Benchmarks in Accountable Care
2013 Benchmarks in Accountable CareHealthcare Intelligence Network
 
Healthcare Executives Lack Plan for Cybersecurity Threats
Healthcare Executives Lack Plan for Cybersecurity ThreatsHealthcare Executives Lack Plan for Cybersecurity Threats
Healthcare Executives Lack Plan for Cybersecurity ThreatsEtactics, Inc.
 
Third Annual Study on Patient Privacy
Third Annual Study on Patient PrivacyThird Annual Study on Patient Privacy
Third Annual Study on Patient Privacy- Mark - Fullbright
 
Unisys Security Insights Infographic: Netherlands
Unisys Security Insights Infographic: NetherlandsUnisys Security Insights Infographic: Netherlands
Unisys Security Insights Infographic: NetherlandsUnisys Corporation
 
Risks of Open Payments and Medicare Part D Data
Risks of Open Payments and Medicare Part D DataRisks of Open Payments and Medicare Part D Data
Risks of Open Payments and Medicare Part D Dataqordata
 
The Use of EDC in Canadian Clinical Trials
The Use of EDC in Canadian Clinical TrialsThe Use of EDC in Canadian Clinical Trials
The Use of EDC in Canadian Clinical TrialsKhaled El Emam
 
Minding the Gap: Path Innovation, Collaboration and Quality
Minding the Gap: Path Innovation, Collaboration and QualityMinding the Gap: Path Innovation, Collaboration and Quality
Minding the Gap: Path Innovation, Collaboration and QualityBarry Chaiken
 
OHMC 201509 lin
OHMC 201509 linOHMC 201509 lin
OHMC 201509 linDanie Schoeman
 
Consumer centric healthcare workshop
Consumer centric healthcare workshopConsumer centric healthcare workshop
Consumer centric healthcare workshopLeo Barella
 
The challenge of ensuring secure clinics and hospitals for patients and staff
The challenge of ensuring secure clinics and hospitals for patients and staffThe challenge of ensuring secure clinics and hospitals for patients and staff
The challenge of ensuring secure clinics and hospitals for patients and staffDanie Schoeman
 
Protecting Healthcare Data from Hackers
Protecting Healthcare Data from HackersProtecting Healthcare Data from Hackers
Protecting Healthcare Data from HackersJoshua Spencer
 
Emmes
EmmesEmmes
Emmesnarendra
 
Managing The Risk of Open Payments - Validate Spend Report Before CMS Submission
Managing The Risk of Open Payments - Validate Spend Report Before CMS SubmissionManaging The Risk of Open Payments - Validate Spend Report Before CMS Submission
Managing The Risk of Open Payments - Validate Spend Report Before CMS Submissionqordata
 
Challenges of Implementing Health IT
Challenges of Implementing Health ITChallenges of Implementing Health IT
Challenges of Implementing Health ITMargaret Hoisington
 
[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat PrognosisFireEye, Inc.
 
May 2013 EHR Market Share
May 2013 EHR Market ShareMay 2013 EHR Market Share
May 2013 EHR Market ShareLindsay Meyer
 
Emmes Corporation
Emmes CorporationEmmes Corporation
Emmes Corporationnarendra
 
Data Driven Healthcare Transformation ... Are You Making the Grade?
Data Driven Healthcare Transformation ... Are You Making the Grade?Data Driven Healthcare Transformation ... Are You Making the Grade?
Data Driven Healthcare Transformation ... Are You Making the Grade?Michelle Blackmer
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?Stephen Cobb
 
Taking the Physician's Pulse on Cybersecurity
Taking the Physician's Pulse on CybersecurityTaking the Physician's Pulse on Cybersecurity
Taking the Physician's Pulse on Cybersecurityaccenture
 
Systems AdminstratorAs your systems administrator  person I am.docx
Systems AdminstratorAs your systems administrator  person I am.docxSystems AdminstratorAs your systems administrator  person I am.docx
Systems AdminstratorAs your systems administrator  person I am.docxssuserf9c51d
 
Hitech for HIPAA
Hitech for HIPAAHitech for HIPAA
Hitech for HIPAAdkarpinsky
 
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...mosmedicalreview
 
The state of privacy and data security compliance
The state of privacy and data security complianceThe state of privacy and data security compliance
The state of privacy and data security complianceFindWhitePapers
 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)U.S. News Healthcare of Tomorrow
 

Contenu connexe

Tendances

Unisys Security Insights Infographic: Netherlands
Unisys Security Insights Infographic: NetherlandsUnisys Security Insights Infographic: Netherlands
Unisys Security Insights Infographic: NetherlandsUnisys Corporation
 
Risks of Open Payments and Medicare Part D Data
Risks of Open Payments and Medicare Part D DataRisks of Open Payments and Medicare Part D Data
Risks of Open Payments and Medicare Part D Dataqordata
 
The Use of EDC in Canadian Clinical Trials
The Use of EDC in Canadian Clinical TrialsThe Use of EDC in Canadian Clinical Trials
The Use of EDC in Canadian Clinical TrialsKhaled El Emam
 
Minding the Gap: Path Innovation, Collaboration and Quality
Minding the Gap: Path Innovation, Collaboration and QualityMinding the Gap: Path Innovation, Collaboration and Quality
Minding the Gap: Path Innovation, Collaboration and QualityBarry Chaiken
 
Consumer centric healthcare workshop
Consumer centric healthcare workshopConsumer centric healthcare workshop
Consumer centric healthcare workshopLeo Barella
 
The challenge of ensuring secure clinics and hospitals for patients and staff
The challenge of ensuring secure clinics and hospitals for patients and staffThe challenge of ensuring secure clinics and hospitals for patients and staff
The challenge of ensuring secure clinics and hospitals for patients and staffDanie Schoeman
 
Protecting Healthcare Data from Hackers
Protecting Healthcare Data from HackersProtecting Healthcare Data from Hackers
Protecting Healthcare Data from HackersJoshua Spencer
 
Managing The Risk of Open Payments - Validate Spend Report Before CMS Submission
Managing The Risk of Open Payments - Validate Spend Report Before CMS SubmissionManaging The Risk of Open Payments - Validate Spend Report Before CMS Submission
Managing The Risk of Open Payments - Validate Spend Report Before CMS Submissionqordata
 
Challenges of Implementing Health IT
Challenges of Implementing Health ITChallenges of Implementing Health IT
Challenges of Implementing Health ITMargaret Hoisington
 
[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat PrognosisFireEye, Inc.
 
May 2013 EHR Market Share
May 2013 EHR Market ShareMay 2013 EHR Market Share
May 2013 EHR Market ShareLindsay Meyer
 
Emmes Corporation
Emmes CorporationEmmes Corporation
Emmes Corporationnarendra
 
Data Driven Healthcare Transformation ... Are You Making the Grade?
Data Driven Healthcare Transformation ... Are You Making the Grade?Data Driven Healthcare Transformation ... Are You Making the Grade?
Data Driven Healthcare Transformation ... Are You Making the Grade?Michelle Blackmer
 

Tendances (15)

Unisys Security Insights Infographic: Netherlands
Unisys Security Insights Infographic: NetherlandsUnisys Security Insights Infographic: Netherlands
Unisys Security Insights Infographic: Netherlands
 
Risks of Open Payments and Medicare Part D Data
Risks of Open Payments and Medicare Part D DataRisks of Open Payments and Medicare Part D Data
Risks of Open Payments and Medicare Part D Data
 
The Use of EDC in Canadian Clinical Trials
The Use of EDC in Canadian Clinical TrialsThe Use of EDC in Canadian Clinical Trials
The Use of EDC in Canadian Clinical Trials
 
Minding the Gap: Path Innovation, Collaboration and Quality
Minding the Gap: Path Innovation, Collaboration and QualityMinding the Gap: Path Innovation, Collaboration and Quality
Minding the Gap: Path Innovation, Collaboration and Quality
 
OHMC 201509 lin
OHMC 201509 linOHMC 201509 lin
OHMC 201509 lin
 
Consumer centric healthcare workshop
Consumer centric healthcare workshopConsumer centric healthcare workshop
Consumer centric healthcare workshop
 
The challenge of ensuring secure clinics and hospitals for patients and staff
The challenge of ensuring secure clinics and hospitals for patients and staffThe challenge of ensuring secure clinics and hospitals for patients and staff
The challenge of ensuring secure clinics and hospitals for patients and staff
 
Protecting Healthcare Data from Hackers
Protecting Healthcare Data from HackersProtecting Healthcare Data from Hackers
Protecting Healthcare Data from Hackers
 
Emmes
EmmesEmmes
Emmes
 
Managing The Risk of Open Payments - Validate Spend Report Before CMS Submission
Managing The Risk of Open Payments - Validate Spend Report Before CMS SubmissionManaging The Risk of Open Payments - Validate Spend Report Before CMS Submission
Managing The Risk of Open Payments - Validate Spend Report Before CMS Submission
 
Challenges of Implementing Health IT
Challenges of Implementing Health ITChallenges of Implementing Health IT
Challenges of Implementing Health IT
 
[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis[Infographic] Healthcare Cyber Security: Threat Prognosis
[Infographic] Healthcare Cyber Security: Threat Prognosis
 
May 2013 EHR Market Share
May 2013 EHR Market ShareMay 2013 EHR Market Share
May 2013 EHR Market Share
 
Emmes Corporation
Emmes CorporationEmmes Corporation
Emmes Corporation
 
Data Driven Healthcare Transformation ... Are You Making the Grade?
Data Driven Healthcare Transformation ... Are You Making the Grade?Data Driven Healthcare Transformation ... Are You Making the Grade?
Data Driven Healthcare Transformation ... Are You Making the Grade?
 

Similaire à The Security of Electronic Health Information Survey

The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?Stephen Cobb
 
Taking the Physician's Pulse on Cybersecurity
Taking the Physician's Pulse on CybersecurityTaking the Physician's Pulse on Cybersecurity
Taking the Physician's Pulse on Cybersecurityaccenture
 
Systems AdminstratorAs your systems administrator  person I am.docx
Systems AdminstratorAs your systems administrator  person I am.docxSystems AdminstratorAs your systems administrator  person I am.docx
Systems AdminstratorAs your systems administrator  person I am.docxssuserf9c51d
 
Hitech for HIPAA
Hitech for HIPAAHitech for HIPAA
Hitech for HIPAAdkarpinsky
 
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...mosmedicalreview
 
The state of privacy and data security compliance
The state of privacy and data security complianceThe state of privacy and data security compliance
The state of privacy and data security complianceFindWhitePapers
 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)U.S. News Healthcare of Tomorrow
 
“Your Web Site is Their First Impression”
“Your Web Site is Their First Impression”“Your Web Site is Their First Impression”
“Your Web Site is Their First Impression”Michele Affronte
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Mark Merrill
 
“Your Web Site is Their First Impression” Handout
“Your Web Site is Their First Impression” Handout“Your Web Site is Their First Impression” Handout
“Your Web Site is Their First Impression” HandoutMichele Affronte
 
Addressing Cybersecurity Strategically
Addressing Cybersecurity Strategically Addressing Cybersecurity Strategically
Addressing Cybersecurity Strategically Symantec
 
Healthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINALHealthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINALSteve Knapp
 
Running head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docxRunning head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docxwlynn1
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHNovell
 
Healthcare Nous InfoSystem
Healthcare Nous InfoSystemHealthcare Nous InfoSystem
Healthcare Nous InfoSystemUjjwal Anand
 
Cybersecurity Challenges in Healthcare
Cybersecurity Challenges in HealthcareCybersecurity Challenges in Healthcare
Cybersecurity Challenges in HealthcareDoug Copley
 
Nur3563 group project sol1 2
Nur3563 group project sol1 2Nur3563 group project sol1 2
Nur3563 group project sol1 2JLANurse
 
Information Governance in the Healthcare Industry
Information Governance in the Healthcare IndustryInformation Governance in the Healthcare Industry
Information Governance in the Healthcare IndustryAmber Guy
 

Similaire à The Security of Electronic Health Information Survey (20)

The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?
 
Taking the Physician's Pulse on Cybersecurity
Taking the Physician's Pulse on CybersecurityTaking the Physician's Pulse on Cybersecurity
Taking the Physician's Pulse on Cybersecurity
 
Systems AdminstratorAs your systems administrator  person I am.docx
Systems AdminstratorAs your systems administrator  person I am.docxSystems AdminstratorAs your systems administrator  person I am.docx
Systems AdminstratorAs your systems administrator  person I am.docx
 
Hitech for HIPAA
Hitech for HIPAAHitech for HIPAA
Hitech for HIPAA
 
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
 
The state of privacy and data security compliance
The state of privacy and data security complianceThe state of privacy and data security compliance
The state of privacy and data security compliance
 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
 
“Your Web Site is Their First Impression”
“Your Web Site is Their First Impression”“Your Web Site is Their First Impression”
“Your Web Site is Their First Impression”
 
Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected? Cyber Risk in Healthcare Industry- Are you Protected?
Cyber Risk in Healthcare Industry- Are you Protected?
 
“Your Web Site is Their First Impression” Handout
“Your Web Site is Their First Impression” Handout“Your Web Site is Their First Impression” Handout
“Your Web Site is Their First Impression” Handout
 
Towards predictive medicine
Towards predictive medicineTowards predictive medicine
Towards predictive medicine
 
Addressing Cybersecurity Strategically
Addressing Cybersecurity Strategically Addressing Cybersecurity Strategically
Addressing Cybersecurity Strategically
 
Healthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINALHealthcare Cybersecurity Whitepaper FINAL
Healthcare Cybersecurity Whitepaper FINAL
 
Running head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docxRunning head Information security threats 1Information secur.docx
Running head Information security threats 1Information secur.docx
 
Watson Health a Population Health Platform
Watson Health a Population Health PlatformWatson Health a Population Health Platform
Watson Health a Population Health Platform
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
 
Healthcare Nous InfoSystem
Healthcare Nous InfoSystemHealthcare Nous InfoSystem
Healthcare Nous InfoSystem
 
Cybersecurity Challenges in Healthcare
Cybersecurity Challenges in HealthcareCybersecurity Challenges in Healthcare
Cybersecurity Challenges in Healthcare
 
Nur3563 group project sol1 2
Nur3563 group project sol1 2Nur3563 group project sol1 2
Nur3563 group project sol1 2
 
Information Governance in the Healthcare Industry
Information Governance in the Healthcare IndustryInformation Governance in the Healthcare Industry
Information Governance in the Healthcare Industry
 

Dernier

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 

Dernier (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

The Security of Electronic Health Information Survey

  • 1. Page 1 The Security of Electronic Health Information Survey
  • 2. Security of Electronic Health Information Sponsored by LogLogic Presented by Dr. Larry Ponemon Webinar: September 30, 2009
  • 3. About the study • The purpose of the study is to determine from IT security practitioners in healthcare organizations how secure they believe electronic patient health records are – especially those records stored in databases.
  • 4. The survey addressed the following topics • The adequacy of the organization’s approach to the security of health information. • Senior management’s views about the importance of securing health information. • How electronic health information is used by the organization. • The database applications that cause the most risk to health information and the difficulty in securing health information in databases. • Steps taken to secure health information in databases and their effectiveness. • The impact of compliance on the security of electronic health information.
  • 5. How is the above electronic health information used by your organization? The top five uses 67% 60% 58% 54% 53% 0% 10% 20% 30% 40% 50% 60% 70% 80% Billing & payments Insurance verification Marketing & communications Patient relations Patient care (clinical)
  • 6. What kinds of database applications cause the most risk to electronic health information? 1.9 2.5 1.6 0.0 0.5 1.0 1.5 2.0 2.5 3.0 Administrative applications such as patient scheduling systems Business applications such as billing and insurance processing Clinical applications such as physician notes, prescriptions or diagnostic reports Each bar represents the average ranking where 3 = highest risk and 1 = lowest risk.
  • 7. How would you rate the effectiveness of the above mentioned data security measures you have in-place for securing electronic health information in databases? 19% 24% 25% 24% 9% 0% 5% 10% 15% 20% 25% 30% Very effective Effective Somew hat effective Not effective Unsure
  • 8. How many of the above data breaches experienced by your organization involved electronic health information stored in a database? 33% 19% 16% 10% 8% 5% 9% 0% 5% 10% 15% 20% 25% 30% 35% More than 90% 75% to 90% 50% and 74% 25% and 49% 10 and 24% Less than 10% None
  • 9. If your organization had a data breach involving the loss or theft of patient health information (say 1,000 or more records), what would this incident cost your company on a per lost record basis? 6% 9% 19% 30% 10% 3% 12% 0% 5% 10% 15% 20% 25% 30% 35% Less than $50 $50 to $100 $101 to $150 $151 to $200 $201 to $250 $251 to $300 More than $300 The extrapolated value of a data breach involving EPHI on a per compromised record basis is $211.
  • 10. Page 10Page 10 Log & Security Management Helps … » Visibility – Broad Based Monitoring » Access to electronic healthcare records » Database activity monitoring » Creation/deletion of new user accounts » Assigning/changing access rights and privileges » Threat monitoring and incident response » Forensic analysis (immutable audit trail, electronic evidence)
  • 11. Page 11Page 11 Log & Security Management Helps … » Control – Real-Time Prevention » Firewall and network policy (re)-configuration » Database firewall – real-time blocking of suspect transactions » Database security – virtual patch management
  • 12. Page 12Page 12 CONNECTED HOSPITAL Employers Public Health Organizations Laboratories Pharmacies Connected Clinicians Social Services Clinics Emergency / First Responders Suppliers Government and Private Payers Home and Long-Term Care Hospitals Monitoring Allows You To “Trust But Verify”
  • 13. Page 13Page 13 Read The Full Report! » You can view the entire webcast on demand at: http://www.loglogic.com/news/webcasts » A full copy of the report is available at: www.loglogic.com/resources/analyst-reports/ponemon- electronic-health-info-at-risk/
  • 14. Page 14 Thank You! For more information or to schedule a demo contact us at: info@loglogic.com

Notes de l'éditeur

  1. I promise to try and keep it simple, while we address many important issues that will help you gain a better understanding of the risks and trends that require healthcare organizations to adopt a culture of proactive information security with real-time database security & log management throughout your IT, clinical, business, and program practices. I will explore several drivers from a legal, clinical, and business perspective that are driving the need for real-time database security & log management. I will also show how LogLogic has helped some of your peers and can help you.
  2. Now this is from the perspective of a single hospital. Lets look at how many affiliated entities are connected. Each one of these has many security devices that share security event data in addition to devices that access and use sensitive data. On the first pass, I look at this and think “wow, the healthcare service model is really big with a lot of players.” But then I also begin to think about the risks. This connected electronic information sharing model also exposes insurers and providers to cybercrime, fraud, and accidental loss of sensitive data. We need a health information technology architecture that allows ubiquitous and secure exchange and use of health information. So as you think about how many computer devices you have and each of these entities may have, I hope you can begin to understand why I say, “Real-time data protection is a foundation for delivery of high quality care and patient safety.” We have: call centers with remote workers; office workers that take records home on flash drives and laptops; claims and field workers with mobile access device; Physicians accessing e-prescribing systems and using PDAs and laptops; nurses with wireless pagers or phones on the floor; and this is just a few examples of the day-to-day activities. All of these users are endpoints with endpoint devices that have to be connected through a secure exchange of sensitive data. And as if the day-to-day clinical and business demands were enough to manage, you are now also living through the compliance decade. Lets take a look at our next slide.