Despite warnings, many employees ignore data security policies

In response to the survey, a majority of healthcare workers said when it comes to transferring data, documents, or information, they do whatever is easiest.

Jeff Rowe | May 25, 2018 03:48 pm

Cloud providers have been taking significant steps when it comes to protecting healthcare data in cloud environments, but a recent survey shows many threats to patient data come from a much more basic source: healthcare workers who admit to non-secure healthcare data sharing using email.

According to a recent survey by Kickstand Communications for secure file sharing services firm Biscom, 87 percent of healthcare workers admit to using non-secure email to send sensitive information, including PHI.

“Healthcare workers are 36 percent more likely to share regulated data such as patient information and credit card information via non-secure methods such as email than those working in financial services,” noted a review of the survey at HealthITSecurity. 

At the same time, the survey noted healthcare workers are 25 percent more likely to agree that their organization’s security and policies are good compared with employees working in financial services.

Interestingly, while 78 percent of respondents say they understand and agree with their company’s security policies, an overwhelming number of respondents reported insecurely sharing information both internally with their colleagues and with people outside of their organization.

“The survey’s results uncover some interesting factors that contribute to non-compliance,” said Biscom CEO Bill Ho. “It would surprise most companies who have made major investments in security that so many people just fall back to the easiest method, namely sending confidential messages and files through email.”