The report notes that 3 types of incident account for 86% of the data breaches:
(1) Lost or stolen portable electronic devices
(2) Sending records to the wrong individual
(3) Improper access to PHI by employees
What do these things have in common?
These are problems that deal with the human factor. The problems are preventable, and the risk of them can be significantly reduced through training.
To train on these things, organizations must do more then merely say: “Be careful” or “Do not do.” The training must have an impact on people. And education is most effective with repetition. People must be repeatedly educated, over and over again.
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. This post was originally posted on his blog at LinkedIn, where Solove is a “LinkedIn Influencer.” His blog has more than 900,000 followers.
If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
* LinkedIn Influencer blog
* Twitter
* Newsletter