
The Difference in Healthcare Data

Every business should guard its data, for its own sake. Your data represents one of your most valuable assets. Unfortunately, it’s also one of your more vulnerable.

Some businesses, such as those in the financial and insurance industries, are required by law to guard data from outside breaches. The exposure of sensitive financial information can result in both fines and the cost of replacing credit cards, checks and other items containing account numbers or other personal information.

No industry is held to higher scrutiny than the healthcare industry.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal provision passed and enacted in August 1996. While HIPAA has a number of provisions, one of its chief goals is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high-quality health care and to protect the public’s health and well-being.

It’s a tall order, but it is the ultimate standard against which all data privacy is measured.

If your company works in the healthcare field, you already know you have to take special safeguards in what you do. Here are three situations your team at Carolinas NetCare is always on the lookout for, and we are prepared to assist you in enhanced protection of your network (whether it contains healthcare data or not):

Ransomware

Ransomware is malware that infects your network (or workstations on it) and locks down your operating system, data or both until you pay the perpetrator “ransom” to get back your own information. A report, issued by Verizon this month, states that attacks have doubled in frequency across all industries and are now the fifth most common specific malware variety. In the same report, the healthcare industry was the second-most targeted industry at 15 percent of incidents, just behind the financial sector, which had 24 percent of total incidents in 2016.

Unauthorized Apps

It’s important to have protocols and firewalls in place to block the unauthorized installation of applications, particularly those downloaded from the web.

Most IT managers are familiar with the more prominent apps, among them Microsoft’s Office 365, Google, Dropbox and others. However, there are thousands of apps available, and many companies run dozens, if not hundreds, of apps in the execution of their business practices. It is important to enforce data governance policies, then monitor how all data is used.

This is particularly important with healthcare data, since one breach can send personal data in hundreds of directions, resulting in thousands of replications. This danger grows as shadow IT continues to gain traction and employees adopt cloud technologies without keeping information technology shops in the loop. It’s compounded by cybercriminals and malware developers continuing to explore and implement new ways to launch attacks that capitalize on cloud vulnerabilities.

Internal Theft

Every company wants to trust its employees to have the best interest of the business at heart. But no matter how carefully new employees are screened, someone with unethical (or illegal) intent can slip through.

An internal breach is one of the toughest to safeguard against. With many employees equipped with laptops, the units themselves can be “stolen” with all data on them compromised. Even easier is the transfer of data to portable devices such as hard drives or flash drives.

The answer is in enhanced policies and procedures, as well as other options such as remote delete applications that can be installed and activated in the event of a breach.

What do you have in place to protect your sensitive healthcare data? Let Carolinas NetCare help you design and implement a plan.
