Organizations not doing enough to promote HIPAA compliance and mobile security
Austin, TX – October 20, 2016 – According to a survey carried out by Scrypt, Inc. (OTC Pink: SYPT), developers of secure and compliant productivity tools for regulated industries, more than half (56 percent) of healthcare professionals believe their organization could be doing more to educate employees on HIPAA compliance and the rules around sharing Protected Health Information (PHI).
More than three quarters (78%) of healthcare professionals use mobile messaging at work, yet when asked if policies existed within their organization relating to the use of mobile messaging specifically, over half (52 percent) of respondents answered ‘no’ or ‘not sure’, according to a survey carried out by Scrypt, Inc., developers of secure and compliant productivity tools for regulated industries.
Of those who have sent PHI via mobile messaging, 70 percent confess to having done so using a non-secure application, such as iMessage, WhatsApp or their device’s native messaging client.
Additionally, more than half (56 percent) of respondents believe their organization could be doing more to educate employees on HIPAA compliance and the rules around sharing Protected Health Information (PHI). Despite these revelations, the vast majority (80 percent) of respondents consider their own knowledge of HIPAA compliance to be good or very good, which would suggest people have more faith in themselves, than others, or their employer.
Human error was cited as the leading cause of healthcare data breaches in 2015, which should serve to remind organizations that people are frequently the biggest vulnerability in the security equation. This considered, it is worrying that many organizations may be falling short when it comes to promoting best practices in line with HIPAA compliance and cyber security more generally.
Scrypt, Inc. CEO, Aleks Szymanski, commented: “We understand the challenges healthcare providers face when it comes to managing and exchanging PHI. In an industry as closely regulated as healthcare, where the margin for error is minimal, it is essential that organizations invest not only in the best HIPAA-secure technology, but also in instilling a culture of security through appropriate training and education.”
Mobile technology is transforming the way medical professionals communicate and coordinate care, but convenience should never be at the expense of patient privacy. Scrypt, Inc. urges healthcare employers to assess the use of mobile messaging within their organization and take necessary actions to ensure any communication is secure, and compliant with HIPAA regulations.
Other key survey findings:
- 65% of those who use a mobile device at work also use the same device for personal use
- More than half (52%) respondents say they have free reign over the applications they download and use at work
- Only a quarter of those who use mobile messaging at work use a secure solution
- One in five (17%) have sent or received PHI via mobile message, with Names (24%), Telephone numbers (19%) and Email addresses (13%) the commonly shared identifiers
- 96% use at least one security measure to protect their device, however of those, one in five (18%) use one method only, most commonly Passcode or PIN protection
For full results of the survey and to download the whitepaper visit scrypt.com.