Solutions

Solutions powered by
Learn More.
Frame 586 (1)

Quality Manager formerly known as abaqis®

Mitigate risk and elevate your quality of care. Improving both clinical and business outcomes starts with a smarter, more integrated approach to regulatory training, continuing education and quality management.

Learn More

NEW TO THE STORE

hStream Content Marketplace

Connecting you to the Best Content. Access to 75 Partners and 35,000+ Courses in our Industry-Leading Marketplace. Streamline content purchasing, updates, hosting and connectivity for your organizational needs.

NurseGrid Learn

Online store for Clinical Learners. Individual CE Credit and industry products for Clinical Learners are now available through NurseGrid Learn (Beta). Explore our robust collection of courses that provides an unparalleled level of flexibility and choice.

DEA MATE Opioid and Substance Use for Practitioners

Meet the DEA's new requirement under the Medication Access and Training Expansion (MATE) Act in an online and self-paced 8-hour DEA MATE Act course specifically designed for practitioners, including Physicians, PAs, NPs, Pharmacists, Dentists and others.

LATEST & POPULAR

BLOG

Join Us at Thrive24: The Ultimate HealthStream Credentialing User Group Conference!
BLOG

Gen Z Enters the Workforce: How Healthcare Can Adapt Training Programs for the Next Generation
BLOG

Telehealth: From Pandemic Tool to Preferred Option
On-Demand Webinar

State of the Industry: What’s Next for Healthcare Quality & Safety in 2024?
CUSTOMER STORY

Quantifiable results highlight switch to jane®
ARTICLE

10 Trends for 2024: Absorbing New Technology, Facing New Realities, and Solving Old Problems

< HealthStream Resources

The Healthcare Data Security Threat: How the NFL and HIPAA made headlines

April 1, 2021
April 1, 2021

In today’s NFL not much is private. On any given Sunday, viewers are inundated with information about players’ personal and professional lives. One of the few stones left unturned when it comes to privacy are players’ medical records. For all their fame and fortune, when it comes to HIPAA, they are covered just like the rest of us. So when a report recently surfaced that a laptop containing medical records of thousands of players had been stolen from a Washington Redskins staff member, two relatively unrelated industries, healthcare and sports, made headlines for all the wrong reasons.

The circumstances surrounding this incident aren’t uncommon or specific to sports. A laptop containing players’ medical records spanning over 12 years was left unattended in a car. When the car was broken into, the laptop was stolen, and the individual responsible for security of the information was forced to report the incident. Making matters worse, the data contained on the laptop was not encrypted, and therefore ease of access revolved around a simple password. Though the investigation is ongoing, the Redskins released a statement addressing the severity of the breach:

"No social security numbers, Protected Health Information (PHI) under HIPAA (Health Insurance Portability and Accountability Act), or financial information were stolen or are at risk of exposure…"1

It would appear the players and organization dodged a huge bullet here. The statement goes on to explain the steps taken to prevent future incidents of this nature:

“All clubs have been directed to re-confirm that they have reviewed their internal data protection and privacy policies and that medical information is stored and transmitted on password-protected and encrypted devices; and that every person with access to medical information has reviewed and received training on the policies regarding the privacy and security of that information.” 1

Cyber Security Risks Are Common in Healthcare

This is pretty standard remedial training. In fact, that statement in one way or another has probably been repeated by healthcare organizations hundreds of times. It’s no secret healthcare data has replaced financial data as the most valuable piece of personal information sold on the black market. Cyber-attacks will continue to plague healthcare organizations, and the results are costly for patients and facilities alike. Healthcare facilities must take a proactive approach in terms of training their staff members on how to detect and prevent physical and cyber security threats. After all, the best offense is a good defense, right?

The First Line of Defense is Training and Awareness

Security Awareness in the Healthcare Setting, a course from HCCS, is designed to educate your staff on cyber and physical information security in today’s care environment. Completing this course strengthens your organization’s ability to protect your patients, your reputation, and your bottom line.

The Washington Redskins are the third most valuable team in the NFL at an estimated $2.85 billion2. They can afford whatever penalties, if any, come their way as a result of one employee’s mishap. Most healthcare organizations don’t have that luxury. Does yours?

Learn more at www.hccs.com/prepare.

Sources:

1 http://www.nfl.com/news/story/0ap3000000666134/article/redskins-laptop-containing-player-data-was-stolen

2 http://www.forbes.com/sites/mikeozanian/2015/09/14/the-most-valuable-teams-in-the-nfl/#94403a0326fa