Findings from: Keeping Personal Health Information Safe: The Importance of Good Data Hygiene
![data-hygiene pic-1 266x400 IMPORTED: www_commonwealthfund_org____media_images_publications_other_2015_data_hygiene_list_data_hygiene_pic_1_266x400.jpg](/sites/default/files/___media_images_publications_other_2015_data_hygiene_list_data_hygiene_pic_1_266x400.jpg)
1: There were more than 29.1 million health records affected by data breaches over a recent three-year-period.
Between 2010 and 2013, there were 949 separate events, two-thirds of which involved electronic data.
![data-hygiene pic-2 266x400 IMPORTED: www_commonwealthfund_org____media_images_publications_other_2015_data_hygiene_list_data_hygiene_pic_2_266x400.jpg](/sites/default/files/___media_images_publications_other_2015_data_hygiene_list_data_hygiene_pic_2_266x400.jpg)
2: Current laws, such as the Health Insurance Portability and Accountability Act (HIPAA), aren’t effective in protecting patient information.
HIPAA was enacted before the Internet and electronic medical records existed, so large gaps remain in health data protections.
![data-hygiene pic-3 266x400 IMPORTED: www_commonwealthfund_org____media_images_publications_other_2015_data_hygiene_list_data_hygiene_pic_3_266x400.jpg](/sites/default/files/___media_images_publications_other_2015_data_hygiene_list_data_hygiene_pic_3_266x400.jpg)
3: More than 80 percent of data breaches occur because basic precautions aren’t taken.
Health care organizations often fail to implement simple procedures such as encrypting health data, prohibiting the storage of confidential information on personal electronic devices, and authenticating authorized users.
![data-hygiene pic-4 266x400 IMPORTED: www_commonwealthfund_org____media_images_publications_other_2015_data_hygiene_list_data_hygiene_pic_4_266x400.jpg](/sites/default/files/___media_images_publications_other_2015_data_hygiene_list_data_hygiene_pic_4_266x400.jpg)
4: We can’t have a successful nationwide health IT system if patients are worried about the safety of their personal information.
Patients with these concerns will resist sharing their information electronically, which may compromise their care as well as future research.