Keeping Personal Health Information Safe: The Importance of Good Data Hygiene

×

Toplines

    80 percent of health data breaches happen because of a failure to follow best practices
    Close to 1,000 data breaches of health information occurred between 2010 and 2013

The Issue

A new study in JAMA by Vincent Liu of the Kaiser Permanente Division of Research found 949 data breaches of health information between 2010 and 2013, affecting 29.1 million patient records. In an editorial, The Commonwealth Fund’s David Blumenthal and Deven McGraw of Manatt, Phelps & Phillips reflected on the study’s implications.

Study Findings in Context

A nationwide electronic health information system has the potential to improve care and provide a rich source of data for researchers. But such a system will be difficult to implement if patients fear their data are being compromised and either resist sharing or withhold important sensitive information.

Health care organizations, clinicians, and insurers can help. While some data breaches are the result of “malicious hacking,” more than 80 percent happen because organizations fail to follow “good data hygiene,” like encrypting health information. Policymakers also can help by revisiting the Health Insurance Portability and Accountability Act (HIPAA), which was enacted before the Internet and leaves substantial gaps in protection.

Conclusions

Loss of trust in an electronic health information system can undermine efforts to improve health and health care in the United States. Threats to the safety of health care data should receive more focused attention from public and private stakeholders.

Read the editorial.

View our list of key findings

Publication Details

Publication Date:
April 14, 2015
Authors:
David Blumenthal, M.D., and Deven McGraw
Contact:
David Blumenthal, M.D., President, The Commonwealth Fund
E-mail: db@cmwf.org
Summary Writer:
Deborah Lorber
Citation:
D. Blumenthal and D. McGraw, “Keeping Personal Health Information Safe: The Importance of Good Data Hygiene,” Journal of the American Medical Association, April 14, 2015, 313(14):1424.
View full article

Related Topics


Forgot Password

An email has been sent to {{email}} with your reset password.

Account was not found. Please go to the login page and enter a new password.

Account was not found. Please try again with a different email address.

There was an error when attempting to send to {{email}}. Please contact an administrator.