KLAS: Providers Report Internal Unauthorized Data Access as Top Security Threat

May 29, 2014
When it comes to security and privacy, healthcare providers say identity management and unauthorized data access by employees are their biggest concerns, according to a new report from the Orem, Utah-based KLAS.

When it comes to security and privacy, healthcare providers say identity management and unauthorized data access by employees are their biggest concerns, according to a new report from the Orem, Utah-based KLAS.

Providers in this report rated unauthorized access by employees as their biggest concern. The second biggest concern stems from bring-your-own-device (BYOD) policies, which create risk for unmonitored system access, encryption failure, and theft or loss of devices containing protected health information (PHI).

According to the report, the stakes have never been higher as providers strive to meet meaningful use and Health Insurance Portability and Accountability Act (HIPAA) requirements and secure PHI in a world of increasing threats, technological evolution, and sophisticated hacking. One oversight can lead to heavy fines and damaging press coverage, it said.

KLAS spoke with 106 providers to find out where they felt the most at risk for breaches and to see which third-party firms they were turning to for assistance. Those providers in this study—"Security and Privacy Perception 2014: High Stakes, Big Challenges"— mentioned 46 different firms for security services within healthcare. Of those mentioned, CynergisTek, Deloitte, and Verizon were mentioned the most, followed by Dell, Fortrex Technologies, Hayes Management Consulting, IBM, and Santa Rosa Consulting.

According to providers, healthcare IT consulting firms are offering, on average, fewer security-related services than firms that focus predominantly on security. Of the health IT consulting firms, Santa Rosa Consulting provides the most services, followed by Dell. Health IT consulting firms mainly offer HIPAA and meaningful use risk assessments, while security-focused firms offer several additional services. Fifty-nine percent of providers said they had used a third-party firm for security and privacy services in the last 18 months, the report found.

One CIO in the report said, “Security and privacy are on my list of the top-three things that keep me up at night. I am really concerned because I just don’t have the right resources watching that. . . . There are people out there who are ill intended and who hack systems and steal medical identities. Every day there is another breach somewhere.”

“We are hearing from providers that security and privacy concerns are becoming a part of their everyday discussions," said Erik Westerlind, report author. "At this point, a market leader has yet to be established. As the stakes get higher, healthcare organizations are using multiple firms for their security and privacy needs to ensure they are covering all of their bases."

Sponsored Recommendations

State of the Market: Transforming Healthcare; Strategies for Building a Resilient and Adaptive Workforce

The U.S. healthcare system is facing critical challenges, including workforce shortages, high turnover, and regulatory pressures. This guide highlights the vital role of technology...

How AI-Native Locating Intelligence Revolutionizes the RTLS market

Discover how leveraging an RTLS solution with artificial intelligence as the location engine can increase efficiency, improve safety, and elevate care without the compromises ...

Harnessing the True Power of Cultural, Clinical and Operational Data

Optimize healthcare performance by combining clinical, operational, and cultural insights. A deeper understanding of team factors improves care and resource management.

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...