Although data breaches are not typical of a certain size or type of organization, small medical practices seem to be at the highest risk of being attacked. A recent survey, conducted by the Ponemon Institute and commissioned by MegaPath, which queried more than 700 IT and administrative personnel in healthcare organizations with less than 250 employees, revealed some shocking facts. It was noted that nearly 90% of small healthcare practices in North America have suffered a data breach in the past 12 months.
It was observed that a large percentage of small medical practices still do not consider data security and privacy as one of their top priorities. Only 31% of the respondents said that their management gave importance to issues concerning data security. Another alarming fact is that 70% of the respondents said that their entity does not have the budget to meet compliance, governance, and risk management needs.
While nearly 30% said that data breaches resulted in medical identity thefts, it was seen that in more than one third of the surveyed entities there was no one responsible for patient data protection. Adding to the concern is the fact that 75% of the respondents said that they are allowed to access business and clinical applications through mobile devices like laptops, smartphones and tablet PCs, and that most of them use these devices at work. But only 48% of these entities have policies governing the use of these devices, where as 45% does not do anything to secure these devices. This creates maximum vulnerability, paving the way for more data loss/theft.
What these small practices need is a security solution that can actively protect Patient Health Records while also ensuring that their budget doesn’t take a dig. And that’s what eGestalt’s SecureGRC SB is all about. An innovative security monitoring and compliance management platform designed to meet the requirements of small businesses, SecureGRC SB ensures that Patient Health Records and privacy are well protected. It provides detailed risk analysis with complete security and guidance on all relevant aspects of medical practice, and helps small practices in efficiently and effectively protecting PHI.