Patient data security is an ongoing and evolving problem in healthcare. According to the US Census Bureau, US Department of Health and Human Services, “143 million patients’ records have been compromised over the past five years…” (Zeadally, Isaac, & Baig, 2016). A patient’s medical record information is a highly sought after commodity among hackers, cyber criminals, and identity thieves because it contains “personal, insurance, and financial information”. They are able to sell this information for “up to $251 per record” as opposed to stolen credit card numbers, which they are only able to sell for “33 cents per number”. (Zeadally, Isaac, & Baig, 2016) Breaches of patient data security have hefty financial penalties for …show more content…
These files took up a lot of physical storage space which cost a facility and provider a lot of money and they were mostly stored off site (Harman, Flite, & Bond, 2012; Malhotra & Lassiter, 2014). In some cases, these files were kept in the medical records department (Veronesi,1999). In some facilities, the medical records department was just a locked room that anyone with an id card could access (Harman, Flite, & Bond, 2012). This made it difficult to monitor user’s access to the file room and made it easy for anyone with access to the room to view any or all of the files (Whetton, 2005; Bakker, 2007). In addition, there was no way to keep track of what user accessed a file or files and what actions they performed when they accessed it (Bakker, 2007). Some facilities had a medical records clerk, who controlled access to the files and made users “sign-out” the files that they wanted to access, that oversaw the medical records department (Harman, Flite, & Bond, 2012; Veronesi,1999). In either case, whether there was or was not a file clerk in the medical records department, there were no alerts that showed that files were accessed by unauthorized users, there was a breach or evidence of a breach, or tampering of files (Harman, Flite, & Bond, 2012). There also was no way of knowing if pages have been stolen which made it hard to know if the patient’s data was compromised …show more content…
They tend to only have one copy, so if pages from it get lost, stolen, or damaged there is no way to restore that data or even realize it no longer exists (Whetton, 2005). Patient data security could become compromised if there was a disaster that occurred at the storage facility for the paper files which could cause the paper files to have to be removed from their storage facility. For example, this could occur as a result of an earthquake at the file storage facility causing the building to collapse. When a clean-up crew, who are unauthorized to view or handle the files, is sent to clean up the collapsed building, this could send the papers from the patient files scattering throughout the cleanup site and beyond where even more unauthorized individuals potentially could access it.
Conclusion:
This review depicts, that both electronic health records and paper health records have vulnerabilities that have the potential to compromise patient data security. There are many who argue that the paper health records are more secure than the electronic health records. While electronic health records have their security vulnerabilities and have been more prevalent in the news, paper health records are not much more secure. Patient data security breaches in paper health records were not publicized as much as the electronic health records, because there is no way of knowing that they exist in order to report