
Carelessness & Neglect Reign as Leading Causes of Data Breaches

By Diane Evans 


Want to know the best way to avoid a data breach? Understand why they happen.


An updated report on the U.S. Department of Health and Human Services' website confirms that carelessness and neglect remain the most common underlying causes of data breaches.


This has been a consistent finding since the 2013 overhaul of privacy and security  regulations under the Health Insurance Portability and Accountability Act (HIPAA).


The obvious conclusion:  Greater vigilance can prevent costly and disruptive data intrusions.


Sure, sophisticated cyber criminals are at work, and at times, culprits come from within.  But amid such threats, healthcare executives have it within their power to put up strong defenses.  That is accomplished through the implementation of proven practices that deter cybercrime.


Think of it this way: You secure your home to the best of your ability to prevent break-ins. But if you’re lax and leave a window open, you create an opportunity for thieves. The same applies to data systems. Organized crime rings thrive on weak or nonexistent defenses – such as software that hasn’t been updated, or poorly secured networks.


In the new federal report, the following are the underlying compliance issues most often alleged, in order of frequency:


  • Impermissible uses and disclosures of protected health information

  • Lack of safeguards of protected health information

  • Lack of patient access to their protected health information

  • Lack of administrative safeguards of electronic protected health information

  • Use or disclosure of more than the minimum necessary protected health information


Now one more question: Want to know where vigilance starts? It starts, of course, with top leadership prioritizing confidentiality – and the intentional work of upholding the trust that people have placed in a given organization.


About the author

Diane Evans is founder of Guarded Edge, which offers training and an in-house implementation plan for compliance with the Health Insurance Portability and Accountability Act (HIPAA) within long-term care.  Diane can be reached at devans@guardededge.com.  She has offered accredited training for state and national organizations, including the Health Care Compliance Association and the Cleveland Metropolitan Bar Association. 

