Last year was the worst year in history for healthcare data breaches. According to the National Cybersecurity Institute, healthcare breaches surpassed 112 million records during 2015—100 times more than the previous year. Additionally, eight out of 10 of the largest hacks in 2015 were aimed directly at healthcare, and the three biggest breaches in history were recorded in 2015. IDC’s Health Insights group recently reported that one in three healthcare organizations will likely have their data compromised within the next 12 months. Considering these statistics, security tools must be considered critically important for healthcare organizations to further invest in during 2016. Failing to strengthen security infrastructure will likely result in more of the same trends: more breaches, more HIPAA violations, more dissatisfied patients, more fines, and more damage to hospital reputations. Healthcare leaders know this. When a recent CHIME survey asked “What are your top three concerns for your healthcare organization?”, patient data security was right up there.
Hackers have attacked hospital systems in many ways. One key to unlocking the gates—the mobile device—is unfortunately becoming increasingly vulnerable. This is due largely to the increasing prevalence of devices and their uses. New use cases and workflows are increasing the amount of protected health information (PHI) that is stored and transmitted via mobile apps. According to a Manhattan Research/Physician Channel Adoption study, 87 percent of doctors use a smartphone at work to support their workflows. One significant data leak to consider is unsecure text messaging, or SMS text messaging. A Spyglass Consulting Group report revealed that 96 percent of physicians use consumer text messaging for patient care coordination, and 30 percent have admitted to receiving PHI via consumer texting apps. In addition to SMS, many care providers are using other consumer apps to transmit text messages, images, and files that contain PHI, such as WhatsApp®, WeChat®, and Dropbox®. Using apps not designed to secure healthcare communications can pose a risk to hundreds of thousands—if not millions of patient records, and make it impossible for healthcare IT teams to secure or track PHI. This creates ideal conditions for hackers.
Many healthcare leaders recognize that users are sending PHI via consumer messaging and other unsecure consumer apps. When asked in a CHIME survey “What are the most important considerations for a mobile device strategy?”, security was indicated as number one, and secure communications ranked second. Many end-users realize the severity of this problem as well. When the same CHIME survey asked, “From your staff, what concerns do you hear most often regarding healthcare IT data integrity and security?”, fifty percent said secure messaging. Other market research shows that 2016 will likely see the vast majority of hospitals prioritize investments in secure text messaging—recent research from KLAS shows that 60 percent of healthcare organizations plan to implement secure text messaging within the next year. With Spok data showing that 78 percent of hospitals indicate security of PHI as the top driver for secure texting, these trends are likely being driven by concerns about data breaches.
Implementing secure text messaging appears to be a top priority for hospitals in 2016, and for good reason. Securing the transmission and storage of text messages, images, and other files can help hospitals remain compliant with HIPAA standards and protect patient data from breaches. Despite all of the numbers and data contained in this post, the real argument for implementing secure text messaging isn’t about numbers—it’s about people. It’s about patients and their right to privacy. It is the responsibility of all hospital systems to protect their patients from the influx of breaches that looms on the horizon.
Secure Text Messaging Statistics at a Glance:
- Healthcare breaches surpassed 112 million records during 2015. (National Cybersecurity Institute)
- Eight out of 10 of the largest hacks in 2015 where aimed directly at healthcare. (Financial Times)
- The three biggest breaches in history were recorded during the last year. (National Cybersecurity Institute)
- Thirty-three percent of healthcare organizations will likely have their data compromised within the next 12 months. (IDC Health Insights)
- Patient data security was found to be among the top three concerns for healthcare organizations. (CHIME)
- Eighty-seven percent of doctors use a smartphone at work to support their workflows. (Manhattan Research/Physician Channel Adoption)
- Ninety-six percent of physicians use consumer SMS for patient care coordination (Spyglass Consulting Group)
- The most important considerations for a mobile device strategy were security and secure communications. (CHIME)
- Fifty percent of staff indicated that secure messaging is the biggest concern for healthcare IT data integrity and security. (CHIME)
- Fifty-three percent of hospitals have yet to implement a secure text messaging solution. (Spok)
- Seventy-eight percent of hospitals indicate security of PHI as the top driver for secure texting. (Spok)
This article was originally published on the Spok Blog and is republished here with permission.