Larry Ponemon on securing regulated data in healthcare: Q&A

[InfoSec News <alerts () infosecnews org>]

http://healthitsecurity.com/2013/07/08/larry-ponemon-on-securing-regulated-data-in-healthcare-qa/

By Patrick Ouellette
Health IT Security
July 8, 2013

Though mobile applications that share files through the cloud such as Box and 
DropBox can be appealing to consumers, the Ponemon Institute has found that 
these types of applications can be unsafe in a clinical environment. Ponemon 
released its “The Risk of Regulated Data on Mobile Devices & in the Cloud” 
study recently and there was an abundance of healthcare-related information 
regarding access to healthcare regulated data on mobile devices and through 
cloud sharing services.

According to the study, about 33 percent of respondents said that they need to 
access protected health information (PHI) to do their work. Dr. Larry Ponemon, 
chairman and founder of the Ponemon Institute, touched upon a few pressing 
security issues when it comes to regulated data in healthcare during a recent 
conversation with HealthITSecurity.com on the study.

Lack of understanding was one problem, as a mere 15 percent of participants 
knew of HIPAA’s security requirements for regulated data on mobile devices 
despite 33 percent of respondents indicating that they are part of a HIPAA 
covered entity. About 40 percent weren’t sure if their organization’s rules on 
employee access and use of regulated data on mobile devices were HIPAA 
compliant, 12 percent said they were compliant, 31 percent were 
partially-compliant and 17 percent reported noncompliance.

[...]

--
Visit the new and improved InfoSec News website
http://www.infosecnews.org/