Privacy and Security

This chapter explores two different but related complexity issues: (1) the continuing threats of unauthorized access to patient data; and (2) the unique nature of health care’s patient data that makes it more vulnerable to exposure through data breaches and inappropriate access than data in many other industries. In any industry, leadership and vision at the top of the organization often determines how the organization responds to potential threats to the data that the organization holds either on its own, or in the case of health care, on behalf of its patients. The basis for health care data protections lies in the 1996 Health Insurance Portability and Accountability Act (HIPAA). The complexity of the health care industry is certainly increased by the security and privacy provisions contained in HIPAA. Privacy and security mandates are likely much more stringent in health care than in any other industry.