By Jack Anderson
June 11, 2015
The study found that healthcare was most at risk for costly breaches, with an average cost per record lost or stolen as high as $363, more than twice the average for all sectors of $154.
That reflects the relatively high value of a person’s medical records on the underground market, said IBM, as Social Security information is much more useful for identity theft than simple names, addresses or credit card numbers. This also points out one of the major mistakes healthcare has made as an industry; using social security numbers for identification.
Yet another verfication that healthcare providers and their business associates are sitting on extremely valuable information which will be very costly to them if it is lost or stolen. Multiply $363 times the number of patient records that you store, access, transfer or create and then ask yourself if you could afford to pay that amount without bankrupting your company. Cybercriminals are a threat but sso are your own staff if they are not properly trained. Everyone that has access to your PHI must be familiar with your policies and procedures and follow them in the daily activities. If you are ever audited the auditor will check to see if you have wrtitten policies and procedures but the next step will be to observe your staff to see if they are folllowing these policies and procedures. Training should be done based on your own policies and procedures not some canned set.