Is becoming Certified HIPAA Security Professional (CHSP) certified a good career move? Is giving your selected employees the opportunity to achieve the CHSP a good corporate move? The demand for professionals trained in Security and in particular HIPAA Security data breaches is on the move. Those breaches cost the industry $5.6 billion each year. Data breaches targeting medical records is increasing daily. The stolen information’s value is increasing daily.
Most data breaches a few years ago were caused by stolen laptops, unencrypted thumb drives, operator error, etc. Even today, many Healthcare IT professionals feel that these types of breaches make up the majority of the breaches. Too many also feel it couldn’t happen to them. Let’s see some examples of why organizations might want to be prepared. Recently Community Health had a breach of patient information of 4.5 million patients’ data, including names, addresses, birth dates, telephone numbers and Social Security numbers.
St. Joseph Health System (SJHS) in Texas reported a data breach at the beginning of the year that has affected more than 405,000 patients, employees, and employee beneficiaries. Information was reportedly accessed through a single server by hackers from China and other locations. The data included patient names, birth dates, Social Security numbers, and possibly addresses. Medical information for patients was accessible, as well as bank information for current and former employees. A group of hackers breached an agency server of the Department of Public Health and Human Services. This breach continued for a year starting from July 2013 and it resulted in losing data of 1.3 million people
Onsite Health Diagnostics (OHD), a Tennessee government subcontractor, announced over the summer that an unknown party had inappropriately accessed its online scheduler early in the year. It was reported at the time that the source gained access to 60,582 employee data, such as names, date of birth, addresses, email addresses, phone numbers and gender
Other than the breach itself, is any real damage being done? UPMC knows the answer to that. The University of Pittsburgh Medical Center says the total number of employees affected by a recent breach of financial information includes just about its entire workforce of 62,000, although it’s not revealing many details about the incident. So far, the beach has led to nearly 800 workers falling victim to federal income tax fraud, as well as the filing of two class action lawsuits.
Boston Children’s, Kaiser Permanente, Tufts Health Plan, Franciscan Medical Group, Garden City, New York-based NRAD Medical Associates (97,000). All breached in April 2014. And my favorite – In two OHSU incidents, information on a total of more than 3,000 patients was inappropriately posted in unencrypted spreadsheets using cloud-based e-mail and document storage services from Google. OHSU did not have a business associate agreement with Google.
Will the demand for security continue to increase? If the above examples, don’t illustrate the challenge. Think about all the mobile phones that all over healthcare. Each of those represents another area for possible breaches to occur. Plus, now EHRs are tracking and reporting on any breaches that occur by staff. One way to battle against this is to ensure proper security and privacy training for you and your staff.
So, might this be a significant career move? For employers, is this an important investment consideration? Every day, it looks like security and HIPAA compliance training is a great addition for candidates and an equally important investment for healthcare organizations (including business associates). Data Breaches and attempted data breaches will only increase. What’s the old saying? “Pay me now or pay me later”. It seems to fit well here. Don’t wait, make sure your organization is prepared with proper security and privacy training.
With this in mind, we’ve worked out a $100 discount on the Certified HIPAA Security Professional (CHSP) training for Healthcare IT Today readers. That link will automatically apply the HITC100 promo code and save you $100. If you are a HIPAA compliance officer or want to be one, check out the training. The training only takes 4 hours and will get you up to speed on the latest in HIPAA Compliance.