Medical Information Is Particularly Vulnerable To Security Breaches

Friday, February 20, 2015 7:41 pm, Posted by Absolute Destruction

While we routinely dispose of physical and electronic information from people and companies, we also extend our services to other industries that require efficient, secure, and timely assistance. This can include pharmacies, laboratories, walk-in clinics, and hospitals — and for good reason.

According to the Identity Theft Resource Center (ITRC), the American Medical/Healthcare industry recorded the highest percentage of security breaches out of all industries in 2014. This makes ‘medical identity theft’ — the illicit access and use of PII (personal identification information) to purchase medical equipment, drugs, or care — a serious risk for anyone who receives treatment. In other words, it’s a major issue for every living person, in both the U.S. and Canada.

In Canada, the Canadian Health Care Anti-Fraud Association (CHCAA) attempts to work with public and private providers to protect their customers and patients against stolen information. So does the Canadian Anti-Fraud Centre, which provides helpful information for services, companies, and individuals to keep people safe. But with the digitization of all medical records, vulnerable pharmaceutical protocols, the relative unsophistication of security systems in medical facilities, Medicare’s ‘pay-and-chase’ policy, and the relative ease with which insiders (employees) can leak information, the fight against theft can often feel like an uphill battle.

Because there’s such a risk involved in medical fraud, health care workers should always be trained and up-to-date on privacy and security regulations. In the United States, HIPAA (the Health Insurance Portability and Accountability Act) insists that health care providers run regular risk analyses to determine whether their particular services are vulnerable to information theft and other data breaches. In so doing, their staff must receive HIPAA security training to minimize the incidence of compromised information.

The U.S. also has other health-care–related concerns to deal with. As more and more clinics are opening outside of hospitals — including at big box retailers, like Target — personal data is becoming more compromised due to lack of experience and standards in the retail sector and through miscommunication in transferring files from hospitals to these new stores. Last year, credit card numbers were stolen in the tens of millions from Target’s database — a significant warning for people who’ve given over their dates of birth, social security numbers, addresses, and other personal information in order to receive treatments from this retail giant.

Simply put, receiving and dispensing medical treatment — whether it’s drugs, therapy, surgery, counseling, or more — means dealing with extremely sensitive information that should never fall into the wrong hands. In an ever-changing industry that has been a work in progress since day one, the Canadian health care system (and those of us who receive its services) needs to take a lesson from the statistics coming from south of the border. How we handle our patients’ information is of utmost importance if we want to maintain a secure, solvent, and safe industry. In addition to proper security and training, the best and most thorough way to completely eradicate confidential information is to invest in a reliable destruction company.

If your facility, lab, or centre would like to learn more about our services, please do not hesitate to get in touch. It’s an investment in your security, as well as those who depend on you.

© 2018 Absolute Destruction. All rights Reserved.