Health Care Security Breaches Expected to Grow in 2015
According to Experian’s second annual Data Breach Industry Forecast, healthcare organizations accounted for 42% of the major data breaches reported in 2014. “We expect this number will continue to grow until the industry comes up with a stronger solution to improve its cybersecurity strategies,” said Michael Bruemmer, vice president at Experian Data Breach Resolution, in a written statement.
The report states that “Healthcare organizations face the challenge of securing a significant amount of sensitive information stored on their network, which combined with the value of a medical identity string makes them an attractive target for cybercriminals.” “The problem is further exasperated by the fact that many doctors’ offices, clinics and hospitals may not have enough resources to safeguard their patients’ PHI (protected health information).”
This week, Health IT Security reports on two possible security breaches within the healthcare industry. In one of the instances, the Indiana State Medical Association (ISMA) had two backup hard drives stolen, containing information on 39,000 people. The exposed data includes medical identification numbers, names, addresses, and dates of birth.
What can you do to protect yourself as a healthcare facility? While no organization is 100% immune to a potential data breach, there are some steps to take to limit possible data exposure:
- Ensure that your organization has a well thought out incidence response plan in place
- Encrypt data
- Use scanning technology to monitor your network for vulnerabilities
- Shred hard drives, smart phones, tablets, and other data-containing devices that are no longer in use
- Provide periodic security awareness training for staff
- Change passwords on a regular basis
For information on the Health Insurance Portability and Accountability Act of 1996 (HIPAA), click here.