In this series, we are featuring some of the thousands of vendors who will be participating in the HIMSS15 conference and trade show. Through it, we hope to offer readers a closer look at some of the solution providers who will either be in attendance – with a booth showcasing and displaying key products and offerings – or that will have a presence of some kind at the show – key executives in attendance or presenting, for example.
Hopefully this series will give you a bit more useful information about the companies that help make this event, and the industry as a whole, so exciting.
A leader in healthcare data management, BridgeHead Software is addressing the constraints of the traditional vendor neutral archive (VNA) with HealthStore, the first independent clinical archive (ICA).
With 20 years’ experience in data and storage management, BridgeHead Software is trusted by over 1,200 hospitals worldwide. Today, BridgeHead Software helps healthcare facilities overcome challenges stemming from rising data volumes and increasing storage costs while delivering peace of mind around how to store, protect and share clinical and administrative information.
BridgeHead’s Healthcare Data Management solutions are designed to work with any hospital’s chosen applications and storage hardware, regardless of vendor, providing greater choice, flexibility and control over the way data is managed, now and in the future.
Services and Products Offered
BridgeHead HealthStore, is the first Independent clinical archive (ICA) for long-term storage, protection and sharing of hospital data. A modular solution built on top of the BridgeHead Healthcare Data Management (HDM) platform, BridgeHead HealthStore enables hospitals to standardize access to key elements of the patient record while simultaneously freeing them from dependence on any single system to locate the information.
Looks like my suspicions are correct. Most health data breaches are inside jobs. But, what’s surprising, according to a somewhat recent survey from Veriphyr — an access and identity provider – is that the majority of data breaches of medical records is by practice employees.
According to the survey, most of the data breeches of medical records more than 35 percent were of healthcare employees peeking into the files of their co-workers. Another 27 percent of the breeches reported were of a healthcare employee’s family or friends
Also gleaned from the survey is that of the hospitals and healthcare facilities surveyed, 70 percent reported some form of data breech. Data breeches cost healthcare organizations more than $6 billion a year, according to Veriphyr’s CEO, Alan Norquist, so they really are big business.
Some of the report’s key findings include:
Top breaches by type:
- Snooping into medical records of fellow employees (35 percent)
- Snooping into records of friends and relatives (27 percent)
- Loss/theft of physical records (25 percent)
- Loss/theft of equipment holding record (20 percent)
When a breach occurred, it was detected in:
- One to three days (30 percent)
- One week (12 percent)
- Two to four weeks (17 percent)
Once a breach was detected, it was resolved in:
- One to three days (16 percent)
- One week (18 percent)
- Two to four weeks (25 percent)
According to Health Data Management, there have been more than 31,000 data breeches in the last two-and-a-half years. Most of these breaches are unintentional, though, according to magazine, with “employee transferring records to a flash drive or sending records to a personal e-mail account to work on them from home, or even sending records to a peer for advice.”
Accordingly, some steps to limiting internal data breeches is to continuously educate your employees about the dangers and consequence of handling HIPAA-protected data appropriately, and in some case, it’s may be necessary to adopt new policies to help manage how data is accessed. For example, if personal devices are allowed to be used in the work setting, you need to establish some rules to protect the data the the devices access, and in some cases, you’re going to have to offer support of the devices.
For more details about how to create a BYOD plan, take a look at this recent post: Creating a BYOD Plan Protects Your Practice and Your Employees.
Nevertheless, the information about data breeches is shocking. The number of employees sneaking peeks at patient’s profiles is like the rest of the world surfing the social profiles of complete strangers. Sure, the information is there, but that doesn’t mean we should take advantage of it.