PHI Project Release Report About Health Care Data Security

March 8, 2012


On Monday, the PHI Project released a report about the state of data security within health care organizations titled, “The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security.” Key findings:

  • Weak Data Security: health care organizations are entrusted with safeguarding patient privacy, but their security efforts are not keeping pace with the growing risks of lost/stolen protected health information (PHI),
  • Data Breach Activity: the number and size of data breaches including PHI are increasing. The negative impacts are financial, legal, clinical, and reputational for the organizations experiencing data breaches,
  • The PHI Project recommends that health care organizations implement a five-step method – PHI Value Estimator (PHIve) — to evaluate the risks of a breach of PHI data, and implement preventative measures.

To view the original article please click here.

According to Rick Kam, president and co-founder of ID Experts and chair of the PHI Project:

“No organization can afford to ignore the potential consequences of a data breach… We assembled this working group to drive a meaningful dialogue on appropriate levels of investment to better protect healthcare organizations and PHI.”

The PHI Project is a partnership including the American National Standards Institute (ANSI) via its Identity Theft Prevention and Identity Management Standards Panel (IDSP), The Santa Fe Group/Shared Assessments Program Healthcare Working Group, and the Internet Security Alliance (ISA) — with assistance from ID Experts.

Tags: , , ,