People go to hospitals to be healed. They trust medical providers to keep them — and their personal information — safe.
Hospital event data might not be subject to the same Health Insurance Portability and Accountability Act provisions that cover patient data, but attendees still expect medical institutions to keep their information secure. To meet that expectation, event hosts should implement appropriate security measures.
Cisco’s 2017 Annual Cybersecurity Report highlights some of the dangers posed by lax data security. According to Cisco’s research, 40 percent of breached organizations lose more than 20 percent of their customers as a result. If people hold retail outlets and online subscriptions to those standards, imagine their disappointment when medical providers drop the ball.
Attendees at medical events assume their personal information is safe in the hands of a brand they trust. An infringement of that trust extends suspicion to every branch of the company. Don’t take that confidence for granted — implement better security at medical events to give attendees the peace of mind they deserve.
Protecting attendee data
According to Cisco’s report, 49 percent of breached organizations experienced public scrutiny after the attack. Potential patients who remember hospitals for something other than exceptional care might look elsewhere for their medical needs.
Follow these tips to ensure healthcare marketers keep attendee information — and the hospital’s brand — safe from harm.
1. Encrypt data; stay compliant
Keep your data encrypted and ensure events maintain Payment Card Industry Data Security Standard compliance. Consumers notice when merchants are careless with their data, which is why 12 percent of customers abandon their online shopping carts out of fear that their payments are compromised.
Excel spreadsheets aren’t good enough. Even if the computer is password-protected, which it should be, information in open files might as well be on a billboard. Pick event technology that meets higher security standards so you can keep sensitive information protected.
Events that process credit cards should use only tools compliant with PCI-DSS 3.1 Level 1, both as a merchant and service provider. These regulations cover processing, storage and payment transmission info to keep attendee information safe throughout its journey.
2. No manual transfers
Most events use more than a dozen tech tools. When event staffs manually transfer information from one tool to another, they inadvertently create security leaks that expose attendee data to potential attackers. The more workers present, the greater the risk becomes.
Rework processes to eliminate physical USB drives and other insecure data transfer practices from the event. Choose event technology with an open application programming interface to streamline information transfers without risk of manual intervention.
3. Limit data collection
Don’t ask your patients for unnecessary information. Collect only the data that’s vital to the event.
A limited data collection reduces your event’s potential liability, simplifies the registration process and leads to more sign-ups. According to one study, enrollment drops up to 10 percent for every additional field in a registration form.
Even though medical events operate much the same as other events, attendees expect more from the organizers of these gatherings. They won’t line up to see a new medical tool at the hospital like they might a new iPhone, but they’d remember the healthcare provider that allowed their data to get stolen. Follow these strategies to hold more secure medical events and transform data security into a competitive differentiator.
Ronnie Higgins works at Eventbrite, helping event planners level-up their registration game. Born and raised in New Orleans, he enjoys nothing more than helping people get together — whether it’s for a conference, class or a citywide party like Mardi Gras.
The views, opinions and positions expressed within these guest posts are those of the author alone and do not represent those of Becker's Hospital Review/Becker's Healthcare. The accuracy, completeness and validity of any statements made within this article are not guaranteed. We accept no liability for any errors, omissions or representations. The copyright of this content belongs to the author and any liability with regards to infringement of intellectual property rights remains with them.