5 Tips For Safeguarding Data Security
By Christopher Click, Sr. Healthcare Solutions Marketing Manager, Nuance Document Imaging
It looks like ensuring complete data security in healthcare may be more challenging this year. According to the Ponemon Institute’s Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data, data breaches in the healthcare industry are continuing to grow in terms of volume, frequency, impact, and total cost.
Most notably, nearly 90 percent of responding healthcare organizations reported a data breach in the past two years, and nearly half of those organizations experienced five or more data breaches in the same time period.
When taking steps to protect data security, healthcare providers shouldn’t overlook documents that transition between paper and digital formats during their lifecycle. In particular, those transition points, such as document scanning and printing, can introduce risk. Here are five tips on steps to take to mitigate that risk in your organization.
- Improve Document Management
One way to safeguard data security is utilizing document management technology designed just for healthcare. These solutions add a layer of security around existing processes and reduce risk of HIPAA and other compliance breaches, all while simplifying workflows and reducing costs.
For example, document management and document imaging software products can provide healthcare organizations with the administrative, physical, and technical controls to protect patient health information (PHI) in both paper and electronic records. This software can provide capabilities such as authorization tools that verify user credentials at every device; authentication functionality that limits employee access to specific devices, applications and systems; and file destination control to monitor (and audit) the flow of patient data and control it before it reaches its destination.
2.Avoid Data Leakage
One way data security can be compromised is through documents that have been scanned and distributed by email. This unwanted data leakage occurs often when people have uncontrolled access to scanning combined with access to sensitive content.
Safeguard your security by placing filters within scanning applications to restrict document access. These content filters can search for specific words like “confidential” once they are transformed to searchable format during the scanning process. After the terms are identified, the software can take any number of actions, including automatically encrypting the file prior to sending, or perhaps quarantine or delete the file altogether.
3.Protect Against Unauthorized Access
Oftentimes, organizations make the mistake of attempting to cover up confidential information, like a social security number, by using a drawing markup tool, such as a rectangle with solid fill. That’s a path to redaction failure.
The only secure way to do redaction is with a redaction tool, commonly found in PDF software. These tools don’t just cover up text or images; they replace the selected areas pixel by pixel with redaction fill.
4.Don’t Let Printing Be An Afterthought
With security paramount among healthcare providers, healthcare providers devote significant budget allocations towards preventing unauthorized access. Unfortunately, breaches still occur and when they do organizations face mandated reporting requirements to avoid additional penalties.
Printing is a data security tactic notoriously overlooked in this regard. Due to the non-searchable format of printed documents, they can be difficult to track and dangerous to store. Plus, consider the human error involved — accidentally taking the wrong document from the printer or maliciously distributing copies outside of an organization can be just as damaging as a hacker or malware. Establishing a robust print and capture log can help with these protection efforts.
Studies show 20 percent of all print jobs are never retrieved by the original user. Print management software can prevent exposure of information by holding your print job in a secure print queue until you authorize its output when you are at the printer. This protected print release allows you to print from anywhere on your network and pick up the documents when and where you want.
5.Be Prepared for Remediation
Even with healthcare providers devoting significant resources towards preventing unauthorized data access, breaches still do occur. When they do, organizations face mandated reporting requirements to avoid additional penalties.
Maintaining a comprehensive log of print and scanning activities will give you peace-of-mind that you can address regulatory reporting requirements in response to a data breach. You will know who engaged with which documents on what devices — and what happened to those documents.
About The Author
Chris Click is the Sr. Healthcare Solutions Marketing Manager for Nuance Document Imaging, where he is responsible for driving the worldwide print and capture marketing strategy for the division’s healthcare solutions. Prior to his current role, Chris worked as the Nuance Healthcare Division solutions marketing director and previously headed up sales and marketing at Client Outlook Inc. a provider of healthcare enterprise imaging applications sold through a global partner network. Chris graduated with B.S. in Computer Science from Dallas Baptist University.