DALLAS -- The board of the eHealth Vulnerability Reporting Program (eHVRP.org), today made public the results of a fifteen-month study assessing the security risks associated with electronic health record (EHR) systems. The study evaluated current industry information security practices, assessed level of risk related to EHR systems, benchmarked healthcare information security practices against other industries, and produced a set of recommendations relating to activities beneficial to protecting information systems in the healthcare industry.
The increasing adoption of ehealth systems including EHRs is fundamental to the transformation of the healthcare system. The information created, accessed and stored in these systems, and their ability to integrate with health information networks and data exchanges, introduces complex security issues. This, coupled with the rising number of information security breaches, has raised concerns regarding their vulnerability.
The industry is investing in, and relying heavily on, the promise that these systems offer through improvements in quality and efficiency of care. As such, we must take every measure possible to protect these systems, avoid any disruption in their use, and to ensure consumer confidence is maintained, said Dr. Robert Mandel, Vice President, Health Care Services, Blue Cross Blue Shield of Massachusetts and eHVRP board member.