• Skip to main content

DistilGovHealth

DistilNFO GovHealth Advisory

  • Publications
    • Home
    • DistilINFO HealthPlan
    • DistilINFO HospitalIT
    • DistilINFO IT
    • DistilINFO Retail
    • DistilINFO POPHealth
    • DistilINFO Ageing
    • DistilINFO Life Sciences
    • DistilINFO GovHealth
    • DistilINFO EHS
    • DistilINFO HealthIndia
    • Subscribe
    • Submit Article
    • Advertise
    • Newsletters

Healthcare Overconfident in Privacy Maturity, As Breach Rate Rises

Share:

June 26, 2019

An Integris report takes pulse of the industry’s data privacy maturity, finding that while healthcare was one of the most breached sectors in 2018, its leadership is overly confident in their privacy policies.

The majority of healthcare leadership is overly confident in their data privacy maturity, despite failing to keep an accurate pulse on the data it maintains, transmits, and acquires, according to a recent Integris Software report.

Integris researchers surveyed 258 top business executives and IT decision makers from mid- to large-sized organizations to determine where the healthcare sector stands with data privacy maturity.

The researchers found most organizations were overly confident in their technical maturity, with 70 percent of respondents reporting they were very or extremely confident in knowing exactly where sensitive data resides.

Want to publish your own articles on DistilINFO Publications?

Send us an email, we will get in touch with you.

However, 50 percent of those respondents update their personal data inventory just once a year – or even less. And just 17 percent of respondents are able to access sensitive data across five common data source types.

What’s more, none of the respondents had a lack of confidence in their organization’s ability to define personal data, with about 66 percent feeling very or extremely condiment in their ability.

“Are respondents falling victim to overconfidence? Perhaps,” the researchers wrote. “Sensitive data has an evolving nature. What’s considered a sensitive category or piece of data today may not be considered sensitive tomorrow, and vice versa. Understanding derivative personal data is important, yet challenging.”

“For example, notes on patient’s diet can infer religion,” they continued. “Data flowing in and out of data lakes is also a blind spot for many respondents. Data lakes ingest disparate pieces of customer data from a variety of sources. When combined, this data has the potential to reveal customer identities along with highly sensitive personal information.”

In fact, the report noted that 87 percent of the US population can be identified with just their zip code, gender, and birthdate.

Compliance Still Driving Privacy Decisions

The researchers stressed that data privacy impacts more than compliance, with 76 percent of respondents saying the regulatory environment continues to drive urgency to prove regulatory compliance.

These measures include data subject access requests, enforcing data retention and classification policies, and responding rapidly to breaches, the report found.

“Data privacy impacts much more than regulatory compliance efforts,” the researchers wrote. “When done right, data privacy management supports the broader healthcare information management control framework— regulations, policies, and contracts.”

“For example, proving compliance with business obligations like data sharing agreements was cited by 67 percent of respondents, they added.

Sixty-one percent cited enforcing internal data handling policies like classification and retention as compliance related, with another 28 percent privacy impacting mergers and acquisitions’ due diligence, and 22 percent citing the delivery of AI and machine learning projects (22%). And 35 percent saw privacy concerns impacting data lake hygiene.

What’s more, about 29 percent of budgets are designated for legal, risk, and compliance, while just 3 percent of privacy budgets are assigned to privacy management. And in 6 percent of organizations, it’s not clearly defined.

“Healthcare technology leaders are increasingly being tasked with operationalizing their data privacy management program,” the researchers noted. “Why? At its core, data privacy is a data issue, and privacy is an outcome of a comprehensive data protection strategy.”

“Forward looking healthcare organizations are treating privacy as part of a broader data protection strategy where privacy tells you what’s important and why, and security is the how,” they added.

Date: June 26, 2019

Source: Health IT Security

Coffee with DistilINFO's Morning Updates...

Sign up for DistilINFO e-Newsletters.

Just a little bit more about you...
PROCEED
Choose Lists
BACK

Related Stories

  • Major Payers Find HHS Finalized Nondiscrimination Rule Too NarrowMajor Payers Find HHS Finalized Nondiscrimination Rule Too Narrow
  • New Clinically Validated Sleepcheck App LaunchesNew Clinically Validated Sleepcheck App Launches
  • Apple Still has a Lot of Room to Grow in the $3.5 Trillion Health Care SectorApple Still has a Lot of Room to Grow in the $3.5 Trillion Health Care Sector
  • Google Moves Further Into Healthcare: a Timeline of the Last YearGoogle Moves Further Into Healthcare: a Timeline of the Last Year
  • Superb Healthcare At Ultra-Low Prices? How Singapore Does ItSuperb Healthcare At Ultra-Low Prices? How Singapore Does It
  • AI, Machine Learning, and Blockchain are Key for Healthcare InnovationAI, Machine Learning, and Blockchain are Key for Healthcare Innovation

Trending This Week

Sorry. No data so far.

About Us

DistilINFO is media company that publishes Industry news, views and Interviews. We distil the information for you – saving time and keeping you up to date on your interest areas.

More About Us

Follow Us


Useful Links

  • Subscribe
  • Contact
  • Advertise
  • Privacy Policy
  • Terms of Service
  • Feedback

All Publications

  • DistilINFO HealthPlan Advisory
  • DistilINFO HospitalIT Advisory
  • DistilINFO IT Advisory
  • DistilINFO Retail Advisory
  • DistilINFO POPHealth Advisory
  • DistilINFO Ageing Advisory
  • DistilINFO Life Sciences Advisory
  • DistilINFO GovHealth Advisory
  • DistilINFO EHS Advisory
  • DistilINFO HealthIndia Advisory

© DistilINFO Publications