Encryption is the single most essential technology to use for healthcare security breach prevention, according to Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT. In an interview with Healthcare Info Security, Pritts states that encryption is “much more advanced” than it was five years ago and anyone purchasing new technology has no “good reason at this point…not to make sure that you can encrypt it.”
In the healthcare industry, the largest impact from breaches has been from lost and stolen technology, mainly laptops, tablets and cell phones. Encrypting the data stored on these devices, especially the protected patient health information, is the most important step to preventing and minimizing the effects of a data breach. Encryption is the most vital step in using technology to protect your network from unwanted attacks and theft of confidential patient data, like addresses, credit card numbers and bank account information. Use of encryption, and following other best practices that can be revealed by performing a computer security risk analysis, is highly recommended to minimize the impact of a security breach and protect ePHI and other confidential data on your network. A computer security risk assessment can pinpoint other vulnerabilities on your network and identify steps to help you decrease the risk of intentional or unintentional data breaches. Be aware, however, that no available protection methods is perfect, and some amount of risk always exists.