Phoenix IT Support

Phoenix Computer Specialists are your local tech support specialists. Contact Us today for all your “Valley Of The Sun” IT and computer support needs.

Do you have an immediate need?

 Yes No

Enter Word Verification

captcha


Testimonials

I just wanted to touch base with Phoenix Computer Specialists to let them know that I’d noticed an incredible change in the speed of my e-mail processing. A search that used to take 30-60+ seconds to finish, is now taking 5-10 seconds. (I actually told PCS I wondered if they had somehow managed to delete a good deal of my messages!). Apparently the boost in speed is due to the new server horsepower. I’ve already been able to put the new speed to good use when meeting w/people. As someone who does several daily searches through e-mail archives, this is like Christmas come early. Thanks for all of the work you’ve coordinated in updating our equipment.

Candace Barrier
Kortman Electric Inc.
Read more››
Your Phoenix Microsoft Partner

Phoenix Computer Support

Four Million Patient Records Breached During Burglary at the Advocate Medical Group The Penalty? $960,000.00

X

Lesson Learned — Healthcare Entities Must Perform HIPAA RISK ASSESSMENTS!

HIPAA ConsultingRecently, a Chicago-based AMG Medical Group revealed that four million patient records were breached during a burglary at their administrative office. The Park Ridge Police Department were immediately notified after the break-in, which resulted in the theft of four computers, occurred at the administrative office on July 15, 2013.

AMG launched an investigation and discovered that the four computers didn’t contain patient medical records, however, they did contain patient information including names, dates of birth, addresses and social security numbers. In addition, the computers contained limited clinical information, such as attending physicians and/or departments, medical record numbers, diagnoses, medical service codes and health insurance data.

According to Bill Barr, a development coordinator with the newly formed Medical Identity Theft Alliance (MIFA) and co-founder of the Smart Card Forum, the incident marks one of the largest health care breaches yet, with a surprisingly high number of patients whose information has been exposed.

It’s important to note that while the computers were password protected, they weren’t encrypted. Naturally, this leads many people to wonder:

  • Why weren’t these four computers encrypted to protect the patient information?
  • Why were four million patient records contained on desktop computers instead of being on a centralized server?

Surely if AMG had performed a HIPAA Risk Assessment these risk would have been identified. Aside from any potential HIPAA related fines from the HSS Office of Civil Rights, the cost of this breach is going to be huge. The estimated cost of a healthcare-related data breaches is approximately $240 per record! Doing the math, we find that four million breached records will cost AMG a total of $960,000,000.

The Take-Home Message:  Encryption and HIPAA Risk Assessments

Should Always Be a Top Priority!

Encrypting a desktop computer costs less than $100 per year. Assuming that 100 desktop computers stored PHI (protected health information), which should be stored on a server, the cost to encrypt those 100 desktop computers would be approximately $10,000 per year. Would you rather pay $10,000 or $960,000,000? The answer is obvious, and it would have only cost $400 to encrypt these four desktops and avoid the breach expenses.

The $400 price would be a fraction of the $960,000,000 that AMG will now have to pay, not to mention the damage to their reputation that comes from a breach as severe as this.

Do you know how many patient records are currently stored in your organizations computers, and if it’s properly protected?

Where are these records stored?

Are they stored on laptops, desktops, smartphones, or any other devices?

To avoid an expensive breach, and damage to your organization’s reputation, follow these steps to provide maximum protection for PHI:

  1. Perform a HIPAA Risk Assessment to determine where patient information is stored and the potential risk of the a data breach.
  2. Encrypt each device that contains patient information, as covered above, the expense will be a lot cheaper than breach-related expenses!
  3. Train all of your employees on how to properly protect PHI.

It’s difficult to think of an area more private than an individual’s medical or health information. Medical records often include some of the most intimate details about a person’s life. Protecting the confidentiality of health information is essential to ensure that individuals are able to obtain quality care.

Comments are closed.