Despite the record number of major healthcare breaches in just the past year, 74 percent of consumers surveyed by the National Cyber Security Alliance said they trust healthcare providers the most with personal information, according to a study released Thursday to mark Data Privacy Day.
The day is an annual international effort launched by the NCSA to create awareness about the importance of securing personal information, both as a consumers and as organizations. This year's theme is "Respecting Privacy, Safeguarding Data and Enabling Trust."
"These are the three legs of the stool for the Internet," said NCSA Executive Director Michael Kaiser. "We believe everyone needs to have respect for the information."
The findings in the TRUSTe/NCSA Consumer Privacy Index show that people have a trust-based relationship with their providers, Kaiser said. "I think the expectation is that when they provide personal information, it's protected."
To keep that culture of mutual respect, healthcare providers need to better communicate with patients about how their data is treated, he said.
At the same time, providers have to build a culture of privacy within their organization -- one where privacy and security aren't just occasionally mentioned but frequently talked about.
After all, healthcare providers are stewards of precious information.
[Like Healthcare IT News on Facebook]
"The data that healthcare providers have is extremely valuable," said Kaiser. "It's valuable to several different kinds of sources in the cybersecurity arena. We've seen this with some of the insurance breaches, where nation states gathered information of citizens through private data."
Kaiser said the best way to protect data is to ask: What data do you have? Where does it go? Who can access it? Where is it? And what are you doing to protect it?
Data Privacy Day began in North America in January 2008. It's an extension of Europe's Data Protection Day, which commemorates the 1981 signing of the first legally binding international treaty to deal with privacy and data protection.