GATEKEEPER BLOG

Tailgating Prevention Solution: Risks of Leaving Sessions Open on PCs

The Risks of Leaving Sessions Open on PCs in Hospitals: Tailgating and Costly Errors

Why a Tailgating Prevention Solution is Necessary

Hospitals have always been at the forefront of using technology to enhance patient care and operational efficiency. One area where technology is particularly vital is Electronic Health Records (EHR) systems. However, the security protocols surrounding these systems are often taken for granted, leading to risks such as unauthorized access and data breaches. One common, yet underestimated, vulnerability is leaving sessions open on PCs in a hospital setting. This article sheds light on the risks associated with this behavior, focusing particularly on tailgating/piggybacking as well as the time and costs involved.

The Frequency of the Problem

Before diving into the risks, it’s crucial to understand how prevalent the issue is. According to a study conducted by the Journal of Healthcare Information Management, approximately 17% of healthcare workers admit to sometimes or always leaving their sessions open when stepping away from a terminal. In a busy hospital, this translates to dozens of opportunities for unauthorized access every day.

Tailgating and Piggybacking: Security Risks You Can’t Afford

Tailgating and piggybacking refer to unauthorized entry into a restricted area or system, facilitated by an authenticated individual who opens the door, either metaphorically or literally. In a hospital setting, this could mean accessing an EHR system through an open session on a PC.

Statistics on Unauthorized Access

A survey by Healthcare IT News found that 34% of healthcare data breaches in the last two years were caused by unauthorized access. Tailgating and piggybacking constitute a significant portion of these access-related breaches.

Clinical Implications

Unauthorized access could result in the alteration or deletion of patient data, posing severe risks to patient safety. Incorrectly administered treatments, medication errors, and misdiagnoses are just some of the consequences.

Time and Costs Associated with Errors

Rework and Litigation

When data is accessed or changed mistakenly or maliciously, it often takes a significant amount of time to rectify the errors. This “rework” is costly not only in time but also in money. According to a report by the American Journal of Managed Care, the healthcare industry spends nearly $650 million annually on resolving issues related to data breaches.

Regulatory Penalties

The Health Insurance Portability and Accountability Act (HIPAA) sets strict regulations for healthcare data security, and non-compliance can result in fines ranging from $100 to $50,000 per violation.

Tailgating Prevention Solutions

Leaving sessions open on PCs in a hospital environment is a risky practice that invites unauthorized access through tailgating and piggybacking. The consequences are far-reaching, affecting patient safety, consuming valuable time, and incurring considerable costs in the form of rework, litigation, and regulatory penalties. It is imperative for healthcare institutions to implement strict session management protocols to mitigate these risks effectively.

Implementing a robust cybersecurity solution that guards against these vulnerabilities can be a significant step forward in ensuring both compliance and patient safety. As we move towards an even more digitized healthcare landscape, there can be no compromises when it comes to securing patient data and upholding the integrity of healthcare services.

GateKeeper Proximity Lock automatically locks unattended PCs when a nurse or doctor leaves. This prevents tailgating issues and maintains HIPAA compliance. Check out other hospitals and customers that are using GateKeeper as their tailgating prevention solution.
