MET Health Informatics Professor Highlights Rising Security Hazards of Medical Data

As an expert on data and knowledge management in the biomedical and healthcare sectors, MET Associate Professor Guanglan Zhang recognizes the threat of data breach faced by medical practices.

Coordinator of BU MET’s Health Informatics programs, Dr. Zhang shared her insights into recent data breach trends in the medical field with Physician’s Practice. Among her findings were:

Data breaches are on the rise, with 358 in 2017, 371 in 2018, and 511 in 2019.
The biggest states have been hit the hardest. California sustained 335 breaches between 2009 and 2020, most in the nation, followed by Texas with 276 breaches in that same period, and Florida rounding out the top three with 192.
The most frequent kind of breach is a hacking/IT incident, with 941 occurrences. The second-most frequent breach is a theft (893 instances) followed by unauthorized access/disclosure (875)
The leading perpetrators of data breaches are health care providers (2,287), but the second-most common responsible party are business associates.

Dr. Zhang also reminded that the same standards of security apply to all manners of medical organizations.

“Small- to medium-size physician practices are vulnerable to cyberattacks as they often have less expertise in IT technology and limited resources in place,” Zhang said. “Large healthcare organizations often have an IT team, while physician practices might have one IT employee who works part time. Despite this, [practices] need to comply with the same set of rules, [like] HIPAA privacy and security rules and state regulations, to safeguard protected health information.”

BU MET’s Health Informatics programs—encompassing the Master of Science in Computer Information Systems with a concentration in Health Informatics as well as the four-course programs the Health Informatics Graduate Certificate and the Medical Information Security & Privacy Graduate Certificate—give students the tools they need for career success in the field of health information technology, security, and electronic health record management.