Blog / Security

Don't Be Another Healthcare Headline - Protect Yourself Against Breaches

10/25/2018

Sometimes it is exciting to read about your company in news headlines….sometimes it isn’t. It is not exciting to have your company in the news because something bad has happened and it definitely doesn't sit well when your company becomes part of an public, online list because of that something bad.

But that…and more…is what happens to healthcare organizations that have had breaches happen to their IT environment. However, you probably already know this because chances are your company may have already experienced a breach. Just last year there were 477 healthcare breaches reported to the U.S. Department of Health and Human Services (HHS) affecting over 5 and half million patients. This year isn’t much better. A recent Ponemon Institute survey has revealed 62% of healthcare organizations have experienced a data breach in the past 12 months. More than half of those organizations experienced data loss as a result.

When it comes to breaches, healthcare isn’t like every other industry. The 2018 Protected Health Information Data Breach Report identified that most healthcare breaches come from internal actors not external factors. Things like human error and privilege misuse caused far more security incidents than hacking and malware.

Top Five causes of breaches in the Healthcare Industry

  1. Human Error
  2. Misuse
  3. Physical (i.e. theft)
  4. Hacking
  5. Malware

So how can you keep your name out of the headlines…and avoid a breach?

Educate: Create cybersecurity awareness and increase training across the organization and engage your board members on the implications of underinvesting in resources and tools. Ensure all stakeholders are involved in any Incident Response planning

Police: Have a strict Bring Your Own Device policy, policy agreements with vendors, and user identity and access

Act: Implement an integrated cyber defense platform rather than deploying a collection of point products and solutions. Keep systems patched, conduct annual HIPAA security risk analysis, assess vulnerabilities, and encrypt both data and hardware.

Related Resources

BlogBlog

Cedar Rapids Civil Rights Commission Feminine Hygiene Drive

Enter go to Blog : Cedar Rapids Civil Rights Commission Feminine Hygiene Drive
BlogBlog

Roundtable Recap: Hybrid Cloud's Role in Helping Business Rise Above

Enter go to Blog : Roundtable Recap: Hybrid Cloud's Role in Helping Business Rise Above
BlogBlog

CloudOps Q&A with Involta's Enterprise Architect and Principal Cloud Architect

Enter go to Blog : CloudOps Q&A with Involta's Enterprise Architect and Principal Cloud Architect
BlogBlog

People Who Deliver: Spotlight Interview with Sue Sedrel

Enter go to Blog : People Who Deliver: Spotlight Interview with Sue Sedrel
BlogBlog

Involta Insights: An Exploration of Customer Experience

Enter go to Blog : Involta Insights: An Exploration of Customer Experience
BlogBlog

How to Dodge Common Potholes Along Your Highway to Digital Transformation

Enter go to Blog : How to Dodge Common Potholes Along Your Highway to Digital Transformation

Stay up to date with the latest from Involta

We use cookies to offer you a better web experience? By continuing to use our website, you agree to the Privacy Policy.