Mobile devices, data breaches and patient privacy rights were some of the most talked-about topics in health IT in 2011, and according to expert opinions complied by ID Experts, 2012 won’t be any different. 

In fact, experts continue to predict an upswing in mobile and social media usage, response plans, and even reputation fallout. Eleven industry experts outlined healthcare data trends to look for in 2012.

1. Mobile devices could mean trouble. Healthcare organizations won’t be immune to data breach risks caused by the increased use of mobile devices in the work place, said Larry Ponemon, chairman and founder of the Ponemon Institute. A recent study confirms that 81 percent of healthcare providers use mobile devices to collect, store, and/or transmit some form of personal health information (PHI). But, 49 percent of those admit they’re not taking steps to secure their devices. 

2. Class-action litigation firestorms are looming. Class-action lawsuits will be on the rise in 2012, predicts Kirk Nahra, partner, Wiley Rein LLP. This will most likely be due to patients suing healthcare organizations for failing to protect their PHI. This past year was filled with several similar suits for organizations, some of which involved business associates and breached patient data. And despite the outcomes, one affect is certain: significant risk and cost for companies affected by the suits. 

3. Social media risks will grow. Chris Apgar, CEO and president at Apgar & Associates, predicts that, as more physicians and healthcare organizations move to social media, its misuse will increase the exposure of PHI. A recent example includes a healthcare worker posting sensitive information about a patient on his Facebook. According to ID Experts, healthcare organizations often don’t develop a social media use plan, leaving a gray area of sorts for employees exposing PHI through personal social networking pages. 

4. Cloud computing is not a panacea. Moreover, the technology is outpacing security and creating unprecedented liability risks, said James C Pyles, principal, Powers Pyles Sutter & Verville. According to Pyles, with fewer resources, cloud computing is an attractive option for healthcare providers, especially with the rise of HIEs. But, with privacy and legal issues coming to light, ID Experts said a “covered entity” will need to enter into a “carefully written business associate agreement with a cloud-computing vendor before disclosing protected health information.” 

5. Reliance on business associates could result in new risks. Larry Walker, president of the Walker Company, believes economic realties will force healthcare providers to continue to outsource many of their functions. This includes billing to third parties or business associates, even though business associates are considered the “weak link in the chain” when it comes to privacy and security. 

Continued on the next page.