Healthcare Data Breaches are No Laughing Matter
Did you know that in 2012, 1/3 of the data breaches reported were in the healthcare/medical industry?
I came across a great article that deserves a read (article). It discusses all of the major points that we, as a data destruction company, stress to our prospects and clients as much as possible: how a data breach can happen, what can be done to stop one, and most importantly, the ramifications of a breach.
There are a few parts of this article that I would like to draw special attention to. The first is the second breach that is listed:
2. Emory Healthcare
Number affected: About 315,000
What happened: 10 backup disks went missing due to an unlocked storage facility door.
Only 10 backup disks were taken, but this affected over 300,000 records. All of this because of an unlocked door. Had this location had a system in place to securely contain these loose media devices, this would have been a non-issue.
Next is the breakdown of the ramifications, particularly the fallout. Not only can a data breach cost an organization millions of dollars to fix, but that organization's reputation and brand can be damaged beyond repair. There are also some very good points addressed in the remediation portion. Data security isn't just an IT-level concern; business operations and the medical side all need to be monitored and have systems in place to avoid and deter data loss and theft.
Lastly, when discussing prevention, they once again mention lost data. This is an often overlooked risk, and I mention it again because it is one of the most frequent causes of a data breach, especially in healthcare. In hospitals you have several people from the outside in your facility at all times. At any given time you have patients, their visitors, contractors, and more, not to mention hundreds of employees.
Data security in healthcare is a big deal and requires the attention of many parties. This article does an excellent job of breaking down all of the different segments of a breach and addressing the severity of the potential punishments.
Want to evaluate your current process?
Sign up for a NO COST evaluation and TechR2 will help you to identify and mitigate your risk of a data breach. We are the only data destruction company in the US with ISO 27001 certification specific to Information Security Management. We are here to help you keep your brand safe.