Skip Navigation
BlackBerry Blog

Stolen Patient Medical Records are a Massive Healthcare Security Risk. Here’s How to Prevent It.

A hand picking up a fileA misplaced laptop in an unguarded hospital room. A crafty thief. Thousands of healthcare records sold to the highest bidder, and thousands of patients whose identities are now forfeit. A legal disaster, and a PR nightmare.

That scenario is much more common than you might think, but it’s far from the only way protected health information (PHI) might be compromised by criminals. PHI is some of the most valuable data on the market for criminals. That means that if you aren’t taking the necessary precautions to protect your patients, their private details will eventually end up in the wrong hands.

And you’ll be the one who pays for it.

I’ll be the first to acknowledge that defending a hospital against leaks, hacks, and breaches isn’t easy. There are so many avenues through which patient data can be stolen or compromised, it’s tough to even know where to start. And these challenges are only further compounded by the fact that both doctors and patients are driven mostly by what’s convenient – and security usually isn’t.

That doesn’t mean it can’t be, though.

Securing medical record files is hard. Healthcare professionals share protected files all the time. Doctors forward data to their colleagues via email for a second opinion, nurses share files over mobile devices to better care for patients, hospitals share patient details with insurance companies, and patients correspond with care providers to discuss treatment.

At any time in this process, the data could be compromised:

  • A device containing patient data could be stolen.
  • Files could be inadvertently forwarded to an unauthorized third party.
  • Documents shared over an unencrypted/unsecured connection could be hijacked.
  • More traditionally, patient files stored on a server could be illegally downloaded by an attacker.

Heart rate monitor, patient and doctors in background in intensive care unitIn order to ensure the best patient care possible, healthcare professionals need to be able to collaborate, both with one another and with third parties. But they need to do so in a way that’s compliant with healthcare regulation. What they need is a secure enterprise file synchronization and sharing (EFSS) platform that’s both compliant and easy to use.

What they need is BlackBerry Workspaces (formerly known as WatchDox by BlackBerry), and its close cousin, BlackBerry Workspaces Email Protector (formerly known as WatchDox Email Protector).

A two-time visionary in Gartner’s EFSS Magic Quadrant and a leader in Forrester’s EFSS Wave Report, BlackBerry Workspaces allows protected files to be shared freely, without compromising file security. Flexible and intuitive, it centralizes control over a hospital’s most sensitive data squarely in the hands of its IT department. Email Protector, meanwhile, automatically extends BlackBerry Workspaces’ security to email attachments, and integrates with existing email Data Leak Prevention tools for even greater security.

BlackBerry Workspaces helps keep PHI safe with some of the following functionality:

  • File Tracking: Workspaces logs how, where, and by whom each file is accessed, and what’s done with those files. This makes auditing significantly simpler.
  • Granular Controls: For each file shared through Workspaces, dictate whether a user can access, view, copy, print, edit, download, or forward. These permissions can be extended or revoked at any time.
  • Set Individual or Group Permissions: Workspaces’ robust permissions make it easy to set up a viewing repository for patients– i.e.. you could create a user-group for medical staff with access to all files, then give each individual patient access exclusively to their information.
  • Customizable Watermarks & Spotlight Viewer: Deter intentional leaks by including user details on documents, and screen capturing by blurring the screen everywhere but the mouse cursor’s location

Working in an industry such as health services makes collaboration a challenging legal and security minefield. Doctors, nurses, and care providers frequently work with extremely privileged data, and one need only look at the numbers to see how valuable that data is to criminals. By making use of BlackBerry Workspaces as part of your mobile healthcare solution alongside BlackBerry’s other security software, you can ensure it’s kept out of their hands, and safely in yours.

Attention Salesforce users: secure document collaboration has arrived with the new BlackBerry Workspaces app. Get it here. Or want to learn more about what Workspaces can do for you?Check out our latest release blog, visit the official BlackBerry Workspaces page or view our BlackBerry Workspaces Email Protector page.

About Dan Auker