On December 6, 2012, the Ponemon Institute released its Third Annual Privacy & Data Security Study. The study, involving 80 healthcare organizations and 324 interviews, showed that these organizations "face an uphill battle in their efforts to stop and reduce the loss or theft of protected health information." Although recent Department of Health and Human Services Office for Civil Rights audits and other enforcement activity have brought about changes in patient privacy and security compliance programs, breaches continue to increase. While organizations rely on employee training as their primary compliance activity, this training does not seem to reduce insider negligence, which is still one of the top three causes of data breaches. The other most common causes of data loss are third-party snafus and lost or stolen computing devices. Study participants cited a shortage of funding, technologies and expertise as barriers to compliance. The costs of these breaches continue to rise. The economic impact of one or more data breaches for healthcare entities in the study ranges from under $10,000 to more than $1 million.
To obtain a copy of the entire document, visit this link: http://www.ponemon.org/blog/third-annual-patient-privacy-data-security-study-released