Most Healthcare Managers Admit Their IT Systems Have Been Compromised

Lucas123 writes: Eighty-one percent of healthcare IT managers say their organizations have been compromised by at least one malware, botnet or other kind of cyber attack during the past two years, and only half of those managers feel that they are adequately prepared to prevent future attacks, according to a new survey by KPMG. The KPMG survey polled 223 CIOs, CTOs, chief security officers and chief compliance officers at healthcare providers and health plans, and found 65% indicated malware was most frequently reported line of attack during the past 12 to 24 months. Additionally, those surveyed indicated the areas with the greatest vulnerabilities within their organization include external attackers (65%), sharing data with third parties (48%), employee breaches (35%), wireless computing (35%) and inadequate firewalls (27%). Top among reasons healthcare facilities are facing increased risk, was the adoption of digital patient records and the automation of clinical systems.

Re:Give me a choice

[Z34107]

I wish I could request paper records.

You really don't. I've shilled for EHRs before, but the TL;DR is

• Paper charts kill people. They don't check for drug interactions; they don't double-check that you've got the right patient when you're operating or administering medications; in the case of a recall, they can't tell you who received a bad batch of a vaccine; and they certainly can't tell a first responder that unconscious you is allergic to blue dye, unless they already happen know your regular clinic and have a fax machine in the ambulance.
• Paper charts are useless for patient care. The hospitalist trying to reconcile what you were taking at home with what they want to give you in the hospital can't actually determine whether they're about to kill you if the cardiologist treating your heart attack happened to take the only copy of the chart to enter his notes. If they made a second copy for the cardiologist, there's no guarantee his notes and medications will ever get entered into the hospitalists copy, or into pharmacy's copy, who might also wonder why two different doctors plus your PCP are trying to dose you on blood thinners, or into your regular doctor's copy, who might be totally unaware of the cardiologist's findings
• Paper charts are expensive. If nobody knows that you already had a lab or an X-Ray, they're going to order it again. If they do know you had one of the above, you're going to have to wait for a fax, or for them to mail negatives. Because handwriting and general disorganization, especially over a long admission, tends to make them write-only, it's much harder to know exactly what they gave you and why, which makes it harder to justify to the government or an insurance company why they should pay your tab.

That doesn't mean the electronic versions don't have terrible, even maddening, flaws, but even the worst are better than paper.