‘Significant’ IT security incidents affect 75% of providers. Are you prepared?

Datix Study

‘Significant’ IT security incidents affect 75% of providers. Are you prepared?

Identifying unsafe clinical practices and mistakes so they can be resolved and prevented is nothing new for healthcare providers. For the vast majority of today’s technologically advanced hospitals and health systems, however, data security incidents represent fast-growing safety issues that can threaten the financial — and actual — health of providers and their patients.

In 2018, the Healthcare Information and Management Systems Society (HIMSS) released a comprehensive cybersecurity study detailing the widespread nature of threats to providers: 75 percent of the nearly 250 healthcare organizations surveyed by HIMSS had experienced a “significant” security incident within the past year. In its recent report, the trade group also predicted that the volume of these incidents “will continue to grow in number, complexity and impact.”

The financial impact of these adverse events can be dramatic. According to a 2017 IBM study conducted by the Ponemon Institute, the average cost of a data breach is $3.62 million, or $141.00 per record, and the number of records ranged from roughly 2,600 to nearly 100,000.

These incidents also can result in steep fines from regulators: In 2017, the nine largest protected health information-related fines levied by the U.S. Dept. of Health and Human Services totaled more than $16 million, according to Becker’s Health IT and CIO Report.

Most importantly, IT-related security incidents can adversely affect patients. As detailed recently in The New England Journal of Medicine, when hackers gain access to a health system’s network, there’s the potential for them to access and alter patient data:

“An attacker with access to a laboratory system could modify data — changing potassium values, for example. Unsuspecting health care providers could react to the falsified potassium values, providing treatment that could harm the patient. Radiology protocols, diagnostic reports, genetic data, progress notes, and electronic prescriptions — the list of possible targets goes on.”

With so much at stake, providers more and more are attempting to identify, resolve and prevent adverse data information security and IT events using the same system that they use for tracking more traditional healthcare safety incidents. By incorporating all of these safety issues into one system, providers can navigate the myriad Health Insurance Portability and Accountability Act of 1996-related rules and regulations, as well as monitor, track and prevent IT and data security incidents.

Using the right workflow tools to track all of these adverse events also encourages a culture of safety within an organization. Staff feel safe to report IT and other safety-related incidents, and feedback from patients and service users — both positive and negative — is encouraged. Such an environment also creates the opportunity to learn, promoting openness and collaboration amongst staff and contributes to improving an organization’s culture.

As the global leader in healthcare safety and risk management technology for more than three decades, Datix provides patient safety and risk management solutions for hospitals and health systems. Our technology helps providers track adverse incidents and implement learning and resolution tools that measurably improve the overall safety, quality and experiences for patients and staff. Our patient safety workflow solutions also allow healthcare organizations to aggregate all of their data into a single system, creating an opportunity to generate and implement strategies to enhance the delivery of efficient, targeted and effective care.

Our software also reduces the frequency and impact of adverse events and allows providers to:

  • Consolidate all classes of adverse events — clinical, financial, data, medication, employee, etc. — into a centralized data repository resulting in unmatched reporting and analytics capabilities;
  • Improve patient experience and stay ahead of satisfaction scores with real-time responses;
  • Optimize utilization across the organization by not disrupting existing workflows; and
  • Promote a culture of learning by recording, investigating and analyzing your incident

To learn more about our patient safety and risk management technology, or schedule a demo, please click here