No matter what the size of the medical practice is, growth continues in using computers with on-line systems, portable tablets, laptops and mobile devices to transmit Protected Health Information (PHI).
According to Vormetric and Wakefield Research, most health care providers remain unaware of their vulnerability to a medical data theft and the fact that a breach could be far more damaging than a stolen credit card or social security number.
With the FBI reporting that black market prices for PHI are four to 12 times higher for medical records than credit card data, people's healthcare data is a primary target for hackers.
A recent study by the Ponemon Institute stated that over two-thirds of medical record victims said that they had paid an average of $13,500 to resolve the theft of their PHI.
What is the price of a medical practice breach?
Engagement of professional specialist(s)
Changed focus from patient care to an internal emphasis
Fines and Resolution agreements
Fallout from a breach can be devastating to the company that experiences the breach and to their patients. Early estimates for both the Anthem and the Community Health Systems breaches put their cost north of $100 million, with the possibility of facing potential class-action lawsuits.
The foundation of a medical provider and patient relationship is trust. What is the price of losing that trust?
Judith Lindsay, CEO of JAL Consult tackles all the elements of HIPAA compliance puzzle. Successfully assisting organizations to make sense of it all by implementing the correct policies and procedures that are reasonable and appropriate for their entity. Judith provides consulting, training and is available for speaking engagements. To read more about the world of compliance subscribed to JAL’s insightful newsletter at www.jalconsultantsaz.com OR follow JAL on Twitter @ judithconsult
Personal Information Collected Online
•Personal Information means personally identifiable information such as information provided via forms, surveys, applications or other online fields including name, postal or email addresses, telephone, fax or mobile numbers, or account numbers.
•Before or at the time of collecting personal information, JAL will identify the purposes for which the information is being collected.
•JAL will collect and use personal information solely for the purpose of fulfilling specific contracted engagements or for other compatible purposes, unless consent is obtained from the company and/or individual concerned or as required by law.
•JAL will retain personal information as long as necessary for the fulfillment of a specific contract or for a specific purpose.
•JAL will collect personal information as deemed lawful and where appropriate with the knowledge and/or the consent of the individual or company.
•Personal data should be relevant to the extent of necessary purposes and should be accurate, complete and up-to-date.
•JAL will protect personal information by reasonable safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
•JAL will make readily available to customer’s information about our policies and practices relating to the management of personal information. Terms and Conditions
JAL is committed to conducting our business in accordance with these principals in order to ensure that the confidentially of personal information is protected and maintained. By accessing this website, you are agreeing and bounded by these Website Terms and Conditions of Use, all applicable laws and regulations. If you do not agree with these Terms and Conditions, you are prohibited from using or accessing this website. The materials contained in this Web Site are protected by all applicable copyright and trade mark laws.
Our Online Notices are subject to change. Please review it periodically. If we make changes, we will revise the “Last Updated” date at the top of this Notice. Any changes will become effective the date the revised Notice is posted on the Site.