At $380 per record, the average cost in the United States for a healthcare-related data breach is $7.4 million, according to a recent IBM Security/Ponemon Institute study.[1] Patients, too, pay a steep price when their protected health information is stolen. According to a tally by the Identity Fraud Alliance and the U.S. Federal Trade Commission, fully two-thirds of PHI theft victims lose more than $13,000 as a result of the theft.[2]

In the past decade, the healthcare industry has undergone a federally mandated digitization that’s required a rapid — and for some, uncomfortable — transition away from physical forms and manila file folders. Along with the expected growing pains, this ongoing change has forced providers to confront a host of unexpected issues and challenges.

Today, data security and integrity are near the top of the list of providers’ near-term worries, especially as the $3.2 trillion healthcare industry looks to streamline operations and trim costs through automation. The following best practices can help providers understand security risks and improve data integrity of IT systems — all while harnessing the best technology to stay competitive and keep patients happy.

Data security: assessing threats

Defining risk is the central focus of healthcare data security. And let’s face it, a physician’s IT system today stores not only credit card information and bank account details, but also medical histories, test results, and other sensitive information that should remain under lock and key.

As part of the agency’s ongoing EHR initiatives, the U.S. Centers for Medicare and Medicaid Services recently developed data security guidance for providers that outlines five areas that should be considered:[3]

  • Physical safeguards on facilities and other places where patient data is accessed, including computer equipment and portable devices;
  • Administrative safeguards, like designating a security officer, providing workforce training and oversight, controlling information access and conducting periodic security reassessments;
  • Technical safeguards, including controls on access to PHI, use of audit logs to monitor users and electronic exchanges of patient information;
  • Policies and procedures that set forth a formal process to ensure compliance under federal law; and
  • Organizational requirements that define the related responsibilities of business partners and vendors.

Data integrity: ‘authenticity’ and ‘reliability’

In this new era of digitization, the consistency and quality of financial and patient-related data are a priority. In fact, one of seven core principles for a successful information governance program outlined by the American Health Information Management Association involves data integrity, or as the trade group defines it, “a reasonable and suitable guarantee of authenticity and reliability” of patient and financial data.[4] AHIMA’s guidance further states:

“Integrity provides trust that the information is authentic. An authentic record is one that is proven to: be what it purports to be; has been sent, received, or created by the person or system purported to have done so; [and] has been sent, received, or created at the time purported.”

New technologies such as three-factor authentication, biometric identification tools and encrypted software make it easier than ever before for providers and healthcare businesses to ensure that data is authentic and reliable. These solutions also provide additional convenience and affordability for patients, which can improve satisfaction scores and, ultimately, a provider’s bottom line.

Interested in learning about how data security and integrity can affect your healthcare business? Let’s talk. We provide clients with tailored business solutions that simplify workflow, minimize operating costs, and maximize reimbursements. Our services include patient eligibility verification, claims processing, remittance advice, patient statements, patient payment portal, customized reporting and analytics, and a unique electronic prior authorization solution set. We process more than $1 billion claims each month with a 98 percent annual client retention rate. And through our connections with more than 4,000 payers, we possess a 96 percent clean claim rate.

[1] HIPAA Journal, “Healthcare Data Breach Costs Fall to $380 Per Record,” 2017
[2] America’s Health Insurance Plans, “Understanding and Preventing Medical ID Theft,” 2017
[3] U.S. Centers for Medicare & Medicaid Services, “Security Risk Analysis Tip Sheet: Protect Patient Health Information,” 2016
[4] American Health Information Management Association, “Evaluating the Information Governance Principles for Healthcare: Integrity and Protection,” 2015