TechTaffy

tech:

taffy

Health Industry Under-Prepared to Protect Patient Privacy: PwC

By TechTaffy Desk

A majority of health organizations are under-prepared to protect patient privacy and secure data as new uses for digital health information emerge, and access to confidential patient information expands, according to a report by the Health Research Institute at PricewaterhouseCoopers (PwC).

According to the report, existing privacy and security controls have not kept pace with new realities in healthcare, like increased access to information in electronic health records or greater data collaboration with external partners and business associations.

A recent nationwide PwC Health Research Institute survey of 600 executives from US hospitals and physician organizations, health insurers, and pharmaceutical and life sciences companies found, among other things that theft accounted for 66 percent of total reported health data breaches over the past two years, and medical identity theft appeared to be on the rise.  The research also found that there is considerable concern for the ‘knowledgeable insider.’ On average, improper use of personal health information by an internal party was the leading privacy/security issue experienced by healthcare organizations over the last two years.

PwC says, the study revealed that more than half of healthcare organizations allow access to social networking while at work; and less than half have a policy covering the use of social media outside of work.

Digitized health data is becoming one of the most highly valued assets in the health industry, and, according to PwC, all kinds of organizations are now converging around the shared use of the information to enable new care delivery models. Organizations also are discovering the potential in secondary uses of the information beyond treating patients, such as in clinical studies, post-market surveillance of drugs and the development of new products and services. However, while many organizations are sharing information, only a handful have established proper restrictions and consent agreements to control proper access, says PwC.

E-say

Peter Harries  (principal and co-leader, Health Information Privacy and Security Practice, PwC): To protect patient trust and their own brand reputation, organizations need to go beyond minimum regulatory requirements and adopt an integrated approach that combines privacy, security and compliance within a culture where all employees see themselves as champions of confidentiality and where privacy is part of the patient experience.

You can find the PwC release here. The study can be downloaded here.

Just in

Around the web

Windows 11 Start menu ads are now rolling out to everyone — The Verge

Microsoft is starting to enable ads inside the Start menu on Windows 11 for all users, writes Tom Warren. 
Around the web

Biden signs TikTok ‘ban’ bill into law, starting the clock for ByteDance to divest it — The Verge

President Joe Biden signed a foreign aid package that includes a bill that would ban TikTok if China-based parent company ByteDance fails to divest the app within a year, writes Lauren Feiner.
IT

IBM to acquire HashiCorp for $6.4B

IBM and HashiCorp have entered into an agreement for IBM to acquire HashiCorp, a provider of infrastructure and security management products, for $6.4 billion.
AI

OpenAI introduces new enterprise features

OpenAI announced new features aimed at enterprise users on Tuesday, at the wake of Meta's recent LLama 3 announcement.
Around the web

Oracle is moving its world headquarters to Nashville to be closer to health-care industry — CNBC

Oracle Chairman Larry Ellison said Tuesday that the company is moving its world headquarters to Nashville, Tennessee, to be closer to a major health-care epicenter, writes Ashley Capoot.