American Recovery and Reinvestment Act (ARRA) Provides Financial Incentives to Migrate Medical Files to Digital Formats, Opening Doors to New Security and Privacy Risks for Healthcare Institutions

    Five Things Hospitals Must Know about Keeping Digital Medical Records
    Secure

AUSTIN, April 2 /PRNewswire-FirstCall/ – The American Recovery and Reinvestment Act(1) (ARRA), which was signed by President Barack Obama on February 17, 2009, offers financial incentives for healthcare institutions across the United States to invest in technology and convert medical records to electronic formats. The ARRA includes more than $21 billion of funding in technology investments, much of which will be allocated to Healthcare IT departments.

These incentives will revolutionize record keeping in the healthcare industry, making medical records available throughout hospitals on mobile computers, tablet PCs, and shared terminals. With this accessibility and increased efficiency, healthcare providers need to be aware of and address the vulnerabilities of such systems to data breaches and theft. Absolute(R) Software Corporation, the leading provider of firmware-based, patented, computer theft recovery, data protection and IT asset management solutions, has more than a decade of experience with the security risks and privacy issues that accompany the use of mobile IT assets, as well as the necessity for a multi-layered approach to security.

According to a recent study from Health Industry Insights(2), an IDC Industry Insights company, the economic stimulus package will advance technology investment among healthcare organizations over the next four years, with spending levels potentially reaching $70 billion by 2013.

“The ARRA creates significant new requirements for healthcare organizations to proactively manage the security of digital patient information” Scott Lundstrom, VP Research for Health Industry Insights. “Electronic medical record implementations will be held to strict standards designed to protect the privacy of individual medical records. Meeting the standards will be a challenge – the dynamic nature of healthcare coupled with the move to mobile computing platforms makes the proper security of patient information especially difficult. Confidential information, including patient records, social security numbers and more can be compromised if healthcare organizations are not taking the proper precautions.”

“Securing patient data should be a priority among healthcare organizations,” says Brad Myrvold, Manager of Desktop Technology at Allina Hospitals & Clinics. “When electronic protected health information records are compromised, hospital systems lose the trust of current, past and prospective patients. That’s why we have taken a multi-layered approach to mobile data security including encryption, remote data delete and computer theft recovery solutions.”

As the new era in digital patient information begins, Absolute Software has mapped out best practices for keeping data secure in healthcare institutions.

    Top Five Healthcare Practices for Keeping Data Secure(3):
    ---------------------------------------------------------

        1. Know the Consequences of a Data Breach. If the consequences of a
           data breach are known throughout the organization, employees will
           understand the importance of preventing them. Preventing data
           breaches should be a top priority at healthcare organizations.
           According to a recent study from the Ponemon Institute,(4)
           organizations that experienced a data breach in 2008 paid an
           average of $6.6 million to rebuild their brand image and retain
           their customers. The study also found that healthcare companies
           lost the most business resulting from data breaches compared to
           any other industry.

        2. Assess your Organization's Situation. Every healthcare facility is
           different, varying not only in size but also in methods and
           protocols. Healthcare managers should properly assess all areas of
           the facility where confidential data may be stored, then determine
           who has access to them and how they are being protected. Before an
           organization can begin to streamline its IT security, it must have
           a firm understanding of what it needs to protect.

        3. Implement a Comprehensive Data Security Plan. Healthcare
           facilities should institute a comprehensive data security plan to
           protect computing assets and sensitive information. Even with
           encryption in place, 56% of employees disable their company-issued
           encryption solution.(4) Security and asset management solutions
           such as Absolute Software's Computrace(R) should be part of a
           multilayered approach in protecting organizational computers.
           Absolute Software's Computrace has the ability to track and
           recover missing laptops as well as to remotely delete sensitive
           files. Computrace Mobile by Absolute Software allows IT managers
           to monitor and protect smart phones in a similar fashion.

        4. Secure Data on Mobile Computers. Sensitive data must be protected
           on all computers, especially mobile computers. The more hospitals
           use mobile computers and PDAs, the higher the risk theft and data
           ending up in the wrong hands. A multi-layered approach to data
           security and theft is necessary to protect these assets.

        5. Create a Data Breach Policy. With more sensitive data being stored
           electronically, it is vital for healthcare organizations to have
           data breach contingency plans in place. In the event of a data
           breach, there should be a standard procedure in place to minimize
           damage and for timely notification of supervisors, law
           enforcement, patients and the media, as necessary. It is best to
           be proactive as opposed to reactive when handling something as
           time sensitive and serious as a data breach.

“President Obama’s plan gives healthcare organizations a much-needed incentive to turn the corner when it comes to digitizing medical records,” said John Livingston, CEO of Absolute Software. “But, with this bold investment in healthcare IT comes great responsibility. If patient information is not protected properly, data breaches can pose serious short and long-term consequences for all involved.”

About Absolute Software

Absolute Software Corporation (TSX: ABT) is the leader in Computer Theft Recovery, Data Protection and Secure Asset Tracking(R) solutions. Absolute Software provides organizations and consumers with solutions in the areas of regulatory compliance, data protection and theft recovery. The Company’s Computrace(R) software is embedded in the firmware of computers by global leaders, including ASUS, Dell, Fujitsu, General Dynamics Itronix, HP, Lenovo, Motion, Panasonic and Toshiba, and the Company has reselling partnerships with these OEMs and others, including Apple. For more information about Absolute Software and Computrace, visit www.absolute.com.

    (1) For complete text of The American Recovery and Reinvestment Act
        (ARRA), please visit

http://webx.newswire.ca/click/?id=e339e3f53616d1c

    (2) Health Industry Insights: "Business Strategy: Capturing Your Share of
        the American Recovery and Reinvestment Act," March 2009. To read the
        entire study, please visit

http://www.energy-insights.com/getdoc.jsp?containerId=217404

    (3) Absolute Software's expertise is limited to general procedures and
        technologies that may be of assistance in protecting electronic
        protected health information and other sensitive data. While the
        Company believes these best practices, if followed by healthcare
        organizations, may be effective in assisting the protection health
        information, Absolute does not assume any responsibility for the
        misuse, misinterpretation or inappropriate application of these best
        practices by organizations.
    (4) Survey of business managers. Ponemon Institute, LLC: "The Human
        Factor in Laptop Encryption," Dec 2008. To read the entire study,
        please visit

http://webx.newswire.ca/click/?id=a191d9f8687facc

Forward-Looking Statements

This press release contains forward-looking statements that involve risks and uncertainties. These forward-looking statements relate to, among other things, the expected performance of our services and products, the possible contents of future and pending legislation, the application of public monies in various sectors, suggested practices for securing data, and other expectations, intentions and plans contained in this press release that are not historical fact. When used in this press release, the words “plan,” “expect,” “believe,” and similar expressions generally identify forward-looking statements. These statements reflect our current expectations. They are subject to a number of risks and uncertainties, including, but not limited to, changes in technology and general market conditions. In light of the many risks and uncertainties you should understand that we cannot assure you that the forward-looking statements contained in this press release will be realized.

(C)2009 Absolute Software Corporation. All rights reserved. Computrace, Absolute and Secure Asset Tracking are registered trademarks of Absolute Software Corporation. Computrace U.S. patents # 5,715,174, # 5,764,892, # 5,802,280, # 5,896,497, # 6,244,758, # 6,269,392, # 6,300,863, and # 6,507,914. Canadian patents # 2,284,806 and # 2,205,370. U.K. patents # EP793823 and # GB2338101. German patent # 695 125 34.6-08. Australian patent # 699045. Japanese patent # JP4067035. The Toronto Stock Exchange has neither approved nor disapproved of the information contained in this news release.

SOURCE Absolute Software Corporation