How Patient Data is at Risk in Hospitals

The increased use of imaging technology and EHR/EMR implementation are contributing to the growth in patient data, but healthcare organizations might not be prepared to handle the new information.

Many hospitals are putting patient data at risk while they continue to rely on outdated and inefficient practices to backup information, according to a new survey.

The increased use of imaging technology and EHR/EMR implementation were the biggest contributors to the growth in data, but it turns out healthcare organizations might not be prepared to handle all this new information.

The study, conducted by HIMSS Analytics and sponsored by Iron Mountain Incorporated, asked 150 senior-level technology professionals at hospitals about how data is protected from potential loss or disaster and archived to meet long-term compliance requirements.

“The amount of data flowing through our healthcare system today has rendered the old ways of managing it obsolete,” Michael Leonard, director of product management, Healthcare IT Services for Iron Mountain, said in a statement. “If you look at this survey, you’ll conclude that most hospitals continue to treat all data the same and don’t sufficiently tier it based on its importance and access requirements.”

Leonard went on to recommend that any hospitals back up data vital to the business and near-term clinical operations at a remote data centers, while data kept for compliance or future research can be stored on offline media.

According to the survey’s findings, a majority of hospitals are storing 75% of their clinical data onsite for immediate access. However, since less than 30% of this data is accessed after 18 months, it could be moved to more cost-effective storage mediums, according to HIMSS.

Surprisingly, just half of respondents said they have a data archiving strategy in place. Having a strategy for the data not being accessed can help reduce the impact on limited IT budgets.

And in the event of an emergency, 31% will be left floundering as they don’t have a disaster recovery and business continuity plan in place. Plus, 42% of respondents said they don’t have a data retention policy specifying how long they need to keep backup and archival data and when they can destroy it.

“By 2015, most hospitals are expected to have undergone a massive, data- and reform-driven transformation,” Lorren Pettit, vice president, market research, HIMSS Analytics, said in a statement. “Between the conversion to ICD-10 for better coding, meeting Meaningful Use milestones for data sharing at the point-of-care, and the continued influx of EMR/EHR systems, hospitals will have created an exponential proliferation of data volume.”