Blog / Security

Don't Be Another Healthcare Headline - Protect Yourself Against Breaches

10/25/2018

Sometimes it is exciting to read about your company in news headlines….sometimes it isn’t. It is not exciting to have your company in the news because something bad has happened and it definitely doesn't sit well when your company becomes part of an public, online list because of that something bad.

But that…and more…is what happens to healthcare organizations that have had breaches happen to their IT environment. However, you probably already know this because chances are your company may have already experienced a breach. Just last year there were 477 healthcare breaches reported to the U.S. Department of Health and Human Services (HHS) affecting over 5 and half million patients. This year isn’t much better. A recent Ponemon Institute survey has revealed 62% of healthcare organizations have experienced a data breach in the past 12 months. More than half of those organizations experienced data loss as a result.

When it comes to breaches, healthcare isn’t like every other industry. The 2018 Protected Health Information Data Breach Report identified that most healthcare breaches come from internal actors not external factors. Things like human error and privilege misuse caused far more security incidents than hacking and malware.

Top Five causes of breaches in the Healthcare Industry

  1. Human Error
  2. Misuse
  3. Physical (i.e. theft)
  4. Hacking
  5. Malware

So how can you keep your name out of the headlines…and avoid a breach?

Educate: Create cybersecurity awareness and increase training across the organization and engage your board members on the implications of underinvesting in resources and tools. Ensure all stakeholders are involved in any Incident Response planning

Police: Have a strict Bring Your Own Device policy, policy agreements with vendors, and user identity and access

Act: Implement an integrated cyber defense platform rather than deploying a collection of point products and solutions. Keep systems patched, conduct annual HIPAA security risk analysis, assess vulnerabilities, and encrypt both data and hardware.

Related Resources

BlogBlog

The Next Generation of Networks

Enter go to Blog : The Next Generation of Networks
BlogBlog

Involta Cares: Spotlight Interview with Olivia Bontrager

Enter go to Blog : Involta Cares: Spotlight Interview with Olivia Bontrager
BlogBlog

Anywhere Operations Means Business as Usual

Enter go to Blog : Anywhere Operations Means Business as Usual
BlogBlog

Your Digital Workplace with Microsoft Teams Q&A Recap

Enter go to Blog : Your Digital Workplace with Microsoft Teams Q&A Recap
BlogBlog

People Who Deliver: Spotlight Interview with Weston Shultz

Enter go to Blog : People Who Deliver: Spotlight Interview with Weston Shultz
BlogBlog

Ransomware: The Monster to Watch Out For

Enter go to Blog : Ransomware: The Monster to Watch Out For

Stay up to date with the latest from Involta

We use cookies to offer you a better web experience? By continuing to use our website, you agree to the Privacy Policy.