Articles In This Issue

Have you had a data breach?

If you have any questions about our resources or any topics related to Experian Data Breach Resolution, please contact us at or call 1 866 751 1323.

Healthcare Data Security Gets Better But Still Not 100 Percent

When it comes to safeguarding patient data, the healthcare industry is improving but isn’t out of the woods yet. Hospitals lead the way with more than 90 percent of the respondents in a recent study indicating that they conduct formal risk analyses.

The fifth annual Healthcare Information and Management Systems Society (HIMSS) Security Survey found other areas of improvement, too. For instance, healthcare organizations are now assessing their risks more frequently. Two-thirds conduct a risk analysis at least once per year, compared to 54 percent in 2008.

Another positive piece of data that came out of the study indicates that email encryption is on the rise. The survey, sponsored by Experian® Data Breach Resolution, finds that nearly 64 percent of this year’s respondents encrypt emails, compared to 55 percent in 2008.

But despite these bright spots, many dark clouds still linger over the state of data security. One of those clouds is the rising number of security breaches. Nearly 25 percent of the respondents sustained a data breach in the past year alone. And the high number of breaches has caused 21 million American patients to have their healthcare records exposed to date.


Other highlights from the HIMSS study include:

  • Only 38 percent of the respondents encrypt mobile devices, such as smartphones and tablets, which is worrisome considering their rising use. In fact, there are currently 1.1 billion global smartphone subscribers, representing a 42 percent year-over-year growth rate.1 In addition, there’s been a 29 percent increase in tablet or e-reader users since 2009. 2
  • Only 43 percent of respondents test their data response plans, meaning they don’t know whether their plans work. Organizations should review their response plans regularly and conduct practice runs at least once per year. It’s also a good idea to update the contact list of your response team quarterly and redistribute it. Download our free Data Breach Response Guide for more information on developing a comprehensive response plan.

The HIMSS survey is encouraging, as it does illustrate that the industry is making progress. But with the feds continuing to push their electronic health records program and the rising use of mobile devices, healthcare organizations may need to be even more vigilant when it comes to protecting patients’ data.

To see visual highlights of the study, click here to view the infographic “The Security of Patient Data in a Virtual Universe.” 


1  Kleiner, Perkins, Caufield, Byers (KPCB), a venture capital firm based in Menlo Park, California.

Kleiner, Perkins, Caufield, Byers (KPCB), a venture capital firm based in Menlo Park, California.

Experian and the Experian marks used herein are service marks or registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are the property of their respective owners.