Call Us Today to learn more: 888-646-1616

24 Ways to Steal Medical Data

Do you know all of the ways someone can steal PHI from your practice?  We’ve put together a list of 24 ways that people can steal medical data.

As farfetched as it sounds, all of these are prone to security breaches.

To help you along, any of the items marked with an asterisk (*) are risks that have led to HIPAA violations and fines from the Dept. of Health and Human Services.

  1. A laptop that’s lost or stolen*
  2. A USB drive that’s lost or stolen*
  3. A smartphone/tablet is lost or stolen
  4. Printed records that aren’t properly shredded*
  5. At a third party vendor*
  6. An email received by someone other than your patient
  7. A computer stolen from your practice*
  8. Paper stolen from a desk of your practice
  9. A sold or trashed hard drive with PHI on it*
  10. A fired employee still has access to your systems or office*
  11. A fired employee steals PHI on their way out the door
  12. A hacker tricks an employee into installing malware to steal PHI via phishing
  13. A hacker tricks an employee into installing malware to steal PHI via drive-by malware
  14. A hacker logs in to your network to steal PHI
  15. Someone logs into a hosted service that contains PHI (like an email account, calendar system, or hosted EMR system)*
  16. A hacker breaks into your website to steal PHI
  17. A disaster leaves your PHI open to being lost or stolen*
  18. Employees take PHI through a USB drive*
  19. Employees take PHI through their work email address
  20. Employees take PHI through their personal email address
  21. Employees take PHI through a file sharing site (like Dropbox)
  22. Employees take PHI by printing it out
  23. Employees take PHI by taking pictures of a screen
  24. Employees take PHI through instant messaging (like Skype)

Feeling a bit overwhelmed?

Get some free help!  Check out our free 42-Point Checklist for ways to make your practice HIPAA compliant.

Talk to us!

Have questions or feedback?  Please share them in the comments below.

Like this article?  Share it!

By |2019-01-04T04:21:24+00:00October 1st, 2018|Computer Cyber Security, Data Breach, HIPAA|0 Comments