Recent Report Reveals "Significant Concerns" About Data Security Gaps

May 18, 2011

Cox Smith Privacy / Data Security E-Alert

Recent Report Reveals "Significant Concerns" About Data Security Gaps

Amidst the federal government's push for increased use of electronic medical records, an internal report released yesterday by the Department of Health and Human Services revealed "significant concerns" about security gaps in systems across the country. In an audit of seven large hospitals in several states, the Office of Inspector General discovered "151 major vulnerabilities, including unencrypted wireless connections, easy passwords, and even a taped-over door lock on a room used for data storage." The auditors classified 124 of the breaches as "high impact" meaning they are likely to result in costly losses, injury or death.

This internal report shines a spotlight on the necessity for all institutions using electronic systems to store sensitive data to routinely conduct their own analysis of the adequacy and effectiveness of their data security and to develop a response plan addressing identified gaps. Regular employee training, frequent self audits of current practices and vendor commitments, and consistent monitoring and updating of security compliance and breach response plans reduce the significant liabilities, embarrassment and mistrust that can result from security breaches.

Download the complete report.


This notice was authored by Shareholders Kathy Poppitt from Cox Smith’s Healthcare / Life Sciences Practice Group and Bart Huffman from Cox Smith's Privacy / Data Security Practice Group.

As part of our service to you, we regularly compile short reports on new and interesting developments and the issues the developments raise. Please recognize that these reports do not constitute legal advice and that we do not attempt to cover all such developments. Rules of certain state supreme courts may consider this advertising and require us to advise you of such designation. Your comments are always welcome. © 2021 Dykema Gossett PLLC.