A woman in Tulsa recently expressed her concerns after visiting the local health department. Michelle Carey went there to renew her SoonerCare insurance, but what disturbed her was the way her sensitive information was handled. An employee used a personal cell phone to collect details like her date of birth, home address, and Social Security number.
Carey felt uneasy when she noticed this. “Now I’m worried that someone has my information on their phone,” she said. This situation is particularly alarming for her, as she has faced difficulties in her life, including living with lupus and relying on state assistance after a past assault.
Despite the employee being compensated for using their phone, Carey is worried about the risks involved. “Data breaches happen all the time,” she noted, recalling letters she received about previous breaches of her medical data.
The Tulsa Health Department responded, assuring the public that they take data privacy seriously. They transitioned to a secure phone system in 2020 to safeguard patient information and require employees to undergo annual HIPAA training. All employee communications are supposed to occur in a secure environment, which they claim protects against data misuse.
However, Carey suggests that state-owned devices would better protect personal information. “If they used state-issued phones, I would feel safer,” she stated.
Experts highlight that data security in healthcare is crucial, especially as cyberattacks increase. According to a report from the Healthcare Cybersecurity Market, the sector is expected to grow to $21 billion by 2028, showing the rising need for better security measures.
Conversations around the use of personal devices for work-related tasks are gaining traction on social media, with calls for more secure practices in both public and private sectors. This incident reflects wider concerns about privacy, as users increasingly demand transparency and security from institutions handling their data.
For further understanding of healthcare data security, you can visit the U.S. Department of Health and Human Services, which offers resources on HIPAA regulations and patient data protection.
