The addition of seven million people to the U.S. healthcare system has dramatically increased the cyber attack surface. According to Healthcare IT News, HIPPA Data breaches have climbed over 138 percent this year.
Hackers aren’t the only risk healthcare organizations face. Often internal forces present a bigger threat to information assets.
In the news this summer:
Penn State Hershey Medical Center PA
An employee used his personal computer and email account to access PHI, and a memory stick to store and transport the clinical data of over 1,800 people.
Jersey City Medical Center NJ
An unencrypted CD containing patient Social Security numbers, birth dates and other medical information went missing while in transit from the hospital to a third-party records administrator. The number of records affected was not disclosed.
Bay Area Pain Medical Associates CA
Three desktop computers were stolen from the facility, compromising almost 3,000 patient records.
Self Regional Healthcare, SC
A laptop containing unencrypted names, Social security numbers, financial accounts, insurance information and diagnoses of an undisclosed number of patients was stolen.
Riverside Health System VA
A convicted felon who worked for two years at Riverside Health System was charged with stealing credit card information from approximately 2,000 cancer patients.
Healthcare professionals don’t see themselves as data security administrators, but everyone who accesses PHI is in effect responsible for keeping that data secure. Now that doctors and other professionals carry around devices with thousands of records on them, everyone is in the IT security business.
Encryption of sensitive data and securing all devices within an organization is essential to protecting information assets and patient financial well-being. Read about EdgeWave’s success in the healthcare industry and download your free cyber security kit, or visit EdgeWave for more information.