New Whitepaper Examines Workers’ Comp Data Breach Risk
Because workers’ comp data includes Social Security numbers, demographic and personal health information a data breach could expose employers and carriers to “millions of dollars in litigation, damage control and repair costs,” write the authors of a new GENEX whitepaper.
With healthcare data breaches at an all-time high, workers’ comp stakeholders should be concerned with data security. In addition, the Health Information Technology for Economic and Clinical Health Act known as the HITECH Act, signed into law in 2009, was created to promote the adoption and meaningful use of health information technology.
The act addresses privacy and security issues associated with the electronic transmission of health information and enforcement of the act began in September 2013.
Claim information is exposed to the Internet daily as a result of mobile workplaces, smartphones, tablets and laptops being used.
According to the whitepaper, employers and carriers need to show that there are strong data security controls in place.
There are three primary data security controls:
Unauthorized access to personal health information is the primary concern, write the authors, which could be used for identity theft or blackmail. Data is moving constantly in workers’ comp claims through multiple vendors, case managers, bill review specialists and independent medical examiners.
The transfer of data to vendors is one of the most common security risks for any industry, according to the white paper. Vetting vendors is one way to ensure security controls are in line with employers’ or carriers’ standards and regulatory controls.
Password management is also critical, the authors noted, recommending that they be changed more than twice a year to reduce potential risks. Employers and carriers should establish password parameters for all applications and networks, including how often passwords are changed and how long and complex they should be.
Some steps companies should follow to ensure security include: