This page contains a Flash digital edition of a book.
Drug and alcohol testing service


providers can protect their client’s PII by implementing vigilant operational processes and procedures.


Attacks on the Healthcare Industry Last year was rife with data breaches at Target and Home Depot, among a growing number of other companies. In the summer of 2014, one of the largest known breaches of security for a healthcare organization oc- curred when Community Health Systems network found itself the target of a cyber atack. According to Community Health Systems’ website, its healthcare system is composed of 206 hospitals and associated occupational health clinics in 29 states. It estimated this atack impacted “4.5 million patient names and social security numbers taken from Community Health Systems’ computer network” (Pagliery 2014). Community Health Systems has since


engaged Kroll, an identity theſt protection company, to offer identity theſt protection and credit monitoring services to everyone who was affected by the security breach. “Community Health Systems Partners with Kroll to offer ID theſt Protection” (Beter Business Bureau 2014). Why are hackers targeting healthcare


organizations? Cyber criminals are oſten able to sell medical records and private personal information for more money on the black market than they can gain selling credit card numbers. “Cyber criminals can use these medical records to fraudulently bill insurance companies or Medicare . . . or to obtain free consultations . . . or they pose as patients to obtain prescriptions that can later be sold on the street” (Pagliery 2014). According to privacy researchers at the


Ponemon Institute, recent numbers show 90 percent of health care organizations have exposed their patient’ data—or had it stolen—in 2012 and 2013. “. . . [T]he medi- cal industry has been slammed with 204 incidents this year, nearly half of the major breaches so far. It has lost 2.1 million re- cords. And that does not even count the 4.5 million names and social security numbers taken from Community Health Systems’ computer network” (Pagliery 2014).


32 datia focus


Clearly, the threat to the healthcare


industry is real and companies that find themselves the target of these data breaches bear significant costs related to corrective actions, protection for affected individuals and to restore their reputations and any resulting negative revenue impacts, which can be devastating. Frighteningly, the drug and alcohol


testing industry faces similar concerns as it handles similar private personal infor- mation, such as applicant and employee names, dates of birth, employer names, phone numbers and social security num- bers, that can be found on drug screen chain of custody forms and breath alcohol test forms. Understanding this, the onus is on drug and alcohol testing service provid- ers to make sure they are taking steps to protect this information, both for the ben- efit of their companies and their customers. Drug and alcohol testing service provid-


ers can protect their client’s PII by imple- menting vigilant operational processes and procedures. Tose operational processes and procedures should include no emails with donor social security numbers or dates of birth, marking packages that contain chains of custodies or breath alcohol test forms as confidential, limiting communications to partnering third party administrators and the selected company designated employee representative (DER), a secure filing and storage system, and having proper back- ground screens performed on employees that have access to client’s PII.


Healthcare


Industry Background Screening Survey Background screening plays an important role providing information to help busi- nesses ensure their applicants and employ- ees are qualified for the jobs and do not present unacceptable business risks. For example, screening in the transportation in- dustry helps businesses ensure their vehicle operators are qualified candidates for the


winter 2015


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64