Healthcare Cybersecurity: Reducing the Risk of Data Breaches
By: Jori Hamilton
The majority of healthcare data breaches in 2019 have been traced to third-party vendors and phishing attacks. Here’s what needs to be done to reduce risk.
2019 has a bad year for healthcare security breaches. Over 30 million patients in the U.S. have been affected by data breaches so far this year. The majority of attacks have been traced back to third-party vendors and phishing attacks.
Furthermore, the industry at large is still dragging its heels on adopting the Health Insurance and Portability Accountability (HIPAA) compliance regulations and updating technology to combat the latest threats.
Cisco’s 2019 report regarding technology use in the healthcare industry revealed that over 50% of organizations still operate on legacy Windows 7 systems and outdated IoT equipment.
If healthcare providers do not take appropriate measures to safeguard patient information, the number of hacks will continue to climb. Healthcare administrators need to focus on technology upgrades, staff training, network access limitations, and greater accountability with third-party vendors.
HIPAA: Where Cybersecurity Begins for Healthcare Organization
No discussion on data breach prevention is meaningful without first addressing compliance. HIPAA’s Security Rule outlines what healthcare administrators must do to maintain the confidentiality, integrity, and availability of health information. The rule is designed to prevent problems that arise from data breaches, system failures, or natural disasters.
HIPAA covers vital concerns, such as:
- Patient rights regarding access to their sensitive medical data.
- The role of administration in adopting and executing policies and procedures.
- Physical security measures to protect on-site data, software, and equipment.
- Digital security measures to prevent breaches or unauthorized access.
- Maintaining updated and accurate records of all patients.
Administrators must also establish a risk analysis to assess vulnerabilities and…