Survey: One in Five Healthcare Professionals Had Patient Data Breaches | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Survey: One in Five Healthcare Professionals Had Patient Data Breaches

January 12, 2018
by Heather Landi
| Reprints

A new survey finds that there is a disconnect between data breaches and the level of confidence that healthcare professionals have in protecting sensitive patient medical and healthcare data.

The University of Phoenix College of Health Professions conducted an online survey of more than 500 registered nurses and healthcare administrative staff and found that 20 percent of RNs and 19 percent of administrative staff indicated that their facilities have experienced a breach of private patient data. An equal percentage of RNs (21 percent) do not know if their facility has or has not experienced a breach of patient data.

However, the disconnect appears in the level of confidence that healthcare professionals have with handling data breaches. Almost half of percent of RNs (48 percent) and 57 percent of administrative staff noting they are “very confident” in their facility’s ability to protect patient data against potential theft. When asked where they have seen the most changes occur in the industry over the last year, including quality of care, safety, digital health records and prevention and population health, only 25 percent of RNs and 40 percent of administrative staff cite data security and privacy.

“Patient safety is not just about physical and emotional well-being and protection, it also includes electronic records. In our increasingly digital world, it is critical for healthcare professionals at every level to prevent data breaches,” Doris Savron, executive dean for the Colleges of Health Professions at University of Phoenix, said in a statement. “Everyone in the healthcare industry must work together to establish protocols and implement training to secure and protect all patient data to reduce the risk of being compromised.”

Nurses and staff administrators agree, with 23 percent of RNs and 34 percent of administrative staff stating that additional support and training is needed for healthcare privacy and security. Current steps being taken to ensure the protection of patient data include:

  • Updated privacy and access policies (according to 67 percent of RNs and 69 percent of administrative staff)
  • Role-based access (according to 59 percent of RNs and 60 percent of administrative staff)
  • Data surveillance (according to 56 percent of RNs and 55 percent of administrative staff)


“Healthcare organizations are extremely susceptible to human error. If one employee accidently invites malicious malware into a system, the impact can be catastrophic. To limit the amount of breaches, cybersecurity governance must improve,” Dennis Bonilla, executive dean for the College of Information Systems and Technology at University of Phoenix, said in a statement. “Without improved training and robust cybersecurity response plans incorporated into information technology strategies, the healthcare industry will continue to bear the brunt of these attacks.”

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Seven PA Health Systems Partnering on Healthy Food Access Pilot

Seven health systems in the Philadelphia are are partnering with community organizations, public health departments and insurers on a Healthy Food Access Pilot aimed at addressing food insecurity in the region.

Independence Health, Comcast to Partner on Healthcare Technology Platform

Independence Health Group, parent of Independence Blue Cross, and Comcast announced a partnership to launch a patient-centered technology and communications platform that seeks to improve the overall efficiency and experience of the care delivery process between providers and patients.

Health IT Trade Groups Push CMS for MIPS 90-Day Reporting Period

MGMA, AMA and 47 other physician organizations have sent a letter to CMS, calling for the federal agency to reduce the burden of the Merit-based Incentive Payment System (MIPS) by shortening the quality data reporting period from 365 to 90 days.

VA Chief Information Officer Scott Blackburn Resigns

The Department of Veterans Affairs’ (VA) acting chief information officer (CIO), Scott Blackburn, has resigned from his position, effective immediately.

HIT Advisory Committee Advances Recommendations on Core Data for Interoperability

The Health Information Technology Advisory Committee, a federal advisory committee to the Office of the National Coordinator for Health IT (ONC), voted Wednesday to approve nine recommendations to update the list of data elements that vendors must exchange to be considered interoperable.

ACP Study: Only 37 Percent of MIPS Measures Are Valid

A new study from the American College of Physicians Performance Measurement Committee rated as valid only 37 percent of the 86 Quality Payment Program measures for 2017 deemed relevant to ambulatory general internal medicine.