Many Organizations Not Protecting Patient Data During Software Testing

More than half of IT managers at health care delivery organizations do not protect patient data used for software development and testing, according to a survey released Tuesday, InformationWeek reports.

The report, conducted by the Ponemon Institute and sponsored by Informatica, is based on interviews with 450 IT professionals working at U.S. health care organizations.

Key Findings

According to the report, 74% of IT managers believe that meeting privacy and data protection requirements is important, but only 35% believe their company successfully achieves these goals.

The study also found that:

• 78% of respondents said they are undecided or not confident about whether their organization could detect accidental data loss or theft during software development and testing;
• 38% of respondents said they had experienced a data breach during software development; and
• 12% said they were unsure about whether they had experienced a breach.

Researchers also asked IT managers about the consequences of data breaches and found that:

• 59% of respondents said their organization experienced a disruption of operations following a breach;
• 56% said their organization faced regulatory action; and
• 36% said their organization experienced a loss in reputation.

Recommendations

To improve data protection during software development, the Ponemon Institute recommends that health care organizations:

• Centralize oversight;
• Establish policies and procedures for safeguarding data in development environments; and
• Implement data-masking technology (Lewis, InformationWeek, 1/26).

Source: iHealthBeat

Need assistance with protecting your patient data… give us a call!