Five Things Hospitals Must Know about Keeping Digital Medical Records
AUSTIN, April 2 /CNW/ - The American Recovery and Reinvestment Act(1)
(ARRA), which was signed by President Barack Obama on February 17, 2009,
offers financial incentives for healthcare institutions across the United
States to invest in technology and convert medical records to electronic
formats. The ARRA includes more than $21 billion of funding in technology
investments, much of which will be allocated to Healthcare IT departments.
These incentives will revolutionize record keeping in the healthcare
industry, making medical records available throughout hospitals on mobile
computers, tablet PCs, and shared terminals. With this accessibility and
increased efficiency, healthcare providers need to be aware of and address the
vulnerabilities of such systems to data breaches and theft. Absolute(R)
Software Corporation, the leading provider of firmware-based, patented,
computer theft recovery, data protection and IT asset management solutions,
has more than a decade of experience with the security risks and privacy
issues that accompany the use of mobile IT assets, as well as the necessity
for a multi-layered approach to security.
According to a recent study from Health Industry Insights(2), an IDC
Industry Insights company, the economic stimulus package will advance
technology investment among healthcare organizations over the next four years,
with spending levels potentially reaching $70 billion by 2013.
"The ARRA creates significant new requirements for healthcare
organizations to proactively manage the security of digital patient
information" Scott Lundstrom, VP Research for Health Industry Insights.
"Electronic medical record implementations will be held to strict standards
designed to protect the privacy of individual medical records. Meeting the
standards will be a challenge - the dynamic nature of healthcare coupled with
the move to mobile computing platforms makes the proper security of patient
information especially difficult. Confidential information, including patient
records, social security numbers and more can be compromised if healthcare
organizations are not taking the proper precautions."
"Securing patient data should be a priority among healthcare
organizations," says Brad Myrvold, Manager of Desktop Technology at Allina
Hospitals & Clinics. "When electronic protected health information records are
compromised, hospital systems lose the trust of current, past and prospective
patients. That's why we have taken a multi-layered approach to mobile data
security including encryption, remote data delete and computer theft recovery
As the new era in digital patient information begins, Absolute Software
has mapped out best practices for keeping data secure in healthcare
Top Five Healthcare Practices for Keeping Data Secure(3):
1. Know the Consequences of a Data Breach. If the consequences of a
data breach are known throughout the organization, employees will
understand the importance of preventing them. Preventing data
breaches should be a top priority at healthcare organizations.
According to a recent study from the Ponemon Institute,(4)
organizations that experienced a data breach in 2008 paid an
average of $6.6 million to rebuild their brand image and retain
their customers. The study also found that healthcare companies
lost the most business resulting from data breaches compared to
any other industry.
2. Assess your Organization's Situation. Every healthcare facility is
different, varying not only in size but also in methods and
protocols. Healthcare managers should properly assess all areas of
the facility where confidential data may be stored, then determine
who has access to them and how they are being protected. Before an
organization can begin to streamline its IT security, it must have
a firm understanding of what it needs to protect.
3. Implement a Comprehensive Data Security Plan. Healthcare
facilities should institute a comprehensive data security plan to
protect computing assets and sensitive information. Even with
encryption in place, 56% of employees disable their company-issued
encryption solution.(4) Security and asset management solutions
such as Absolute Software's Computrace(R) should be part of a
multilayered approach in protecting organizational computers.
Absolute Software's Computrace has the ability to track and
recover missing laptops as well as to remotely delete sensitive
files. Computrace Mobile by Absolute Software allows IT managers
to monitor and protect smart phones in a similar fashion.
4. Secure Data on Mobile Computers. Sensitive data must be protected
on all computers, especially mobile computers. The more hospitals
use mobile computers and PDAs, the higher the risk theft and data
ending up in the wrong hands. A multi-layered approach to data
security and theft is necessary to protect these assets.
5. Create a Data Breach Policy. With more sensitive data being stored
electronically, it is vital for healthcare organizations to have
data breach contingency plans in place. In the event of a data
breach, there should be a standard procedure in place to minimize
damage and for timely notification of supervisors, law
enforcement, patients and the media, as necessary. It is best to
be proactive as opposed to reactive when handling something as
time sensitive and serious as a data breach.
"President Obama's plan gives healthcare organizations a much-needed
incentive to turn the corner when it comes to digitizing medical records,"
said John Livingston, CEO of Absolute Software. "But, with this bold
investment in healthcare IT comes great responsibility. If patient information
is not protected properly, data breaches can pose serious short and long-term
consequences for all involved."
About Absolute Software
Absolute Software Corporation (TSX: ABT) is the leader in Computer Theft
Recovery, Data Protection and Secure Asset Tracking(R) solutions. Absolute
Software provides organizations and consumers with solutions in the areas of
regulatory compliance, data protection and theft recovery. The Company's
Computrace(R) software is embedded in the firmware of computers by global
leaders, including ASUS, Dell, Fujitsu, General Dynamics Itronix, HP, Lenovo,
Motion, Panasonic and Toshiba, and the Company has reselling partnerships with
these OEMs and others, including Apple. For more information about Absolute
Software and Computrace, visit www.absolute.com.
(1) For complete text of The American Recovery and Reinvestment Act
(ARRA), please visit
(2) Health Industry Insights: "Business Strategy: Capturing Your Share of
the American Recovery and Reinvestment Act," March 2009. To read the
entire study, please visit
(3) Absolute Software's expertise is limited to general procedures and
technologies that may be of assistance in protecting electronic
protected health information and other sensitive data. While the
Company believes these best practices, if followed by healthcare
organizations, may be effective in assisting the protection health
information, Absolute does not assume any responsibility for the
misuse, misinterpretation or inappropriate application of these best
practices by organizations.
(4) Survey of business managers. Ponemon Institute, LLC: "The Human
Factor in Laptop Encryption," Dec 2008. To read the entire study,
This press release contains forward-looking statements that involve risks
and uncertainties. These forward-looking statements relate to, among other
things, the expected performance of our services and products, the possible
contents of future and pending legislation, the application of public monies
in various sectors, suggested practices for securing data, and other
expectations, intentions and plans contained in this press release that are
not historical fact. When used in this press release, the words "plan,"
"expect," "believe," and similar expressions generally identify
forward-looking statements. These statements reflect our current expectations.
They are subject to a number of risks and uncertainties, including, but not
limited to, changes in technology and general market conditions. In light of
the many risks and uncertainties you should understand that we cannot assure
you that the forward-looking statements contained in this press release will
(C)2009 Absolute Software Corporation. All rights reserved. Computrace,
Absolute and Secure Asset Tracking are registered trademarks of Absolute
Software Corporation. Computrace U.S. patents No. 5,715,174, No. 5,764,892,
No. 5,802,280, No. 5,896,497, No. 6,244,758, No. 6,269,392, No. 6,300,863, and
No. 6,507,914. Canadian patents No. 2,284,806 and No. 2,205,370. U.K. patents
No. EP793823 and No. GB2338101. German patent No. 695 125 34.6-08. Australian
patent No. 699045. Japanese patent No. JP4067035. The Toronto Stock Exchange
has neither approved nor disapproved of the information contained in this news
For further information:
For further information: Public Relations: Leslie Campisi, Affect
Strategies, firstname.lastname@example.org or (212) 398-9680 x144; Investor
Relations: Dave Mason, CFA, The Equicom Group, email@example.com or
(416) 815-0700 x237