Keeping Patient Information Safe in a HIPAA World

As patients, we want and expect several things when we visit healthcare providers. 

1. We expect our personal information to stay safe and secure. 

2. We want our data to be as accessible as possible. 

We expect to have mobile access with just a few clicks. We want paperless transfer of medical records. We don’t want to have to re-enter data again and again. We want online bill pay and email-based services. We want information flow between medical facilities to be as painless as possible. 

And as a patient, it all makes sense. 

But when you reverse roles and look at it as a medical director, it becomes a little more difficult.

According to a 2017 IBM Security Breach Study, the average size of a data breach increased 1.8 percent to more than 24,000 records. That’s a lot of records at one time! Yet 77 percent of organizations still say they do not have a formal cyber-incident response plan in place.

Building a response plan starts with talking about possibilities. It involves looking at every aspect of the business, from both sides of the table. Having the right staff in place is critical. Using the right tools to provide easy patient accessibility is a must. Knowing you have technology in place working to keep the entire process secure is mandatory.

Full Disk Encryption

Full disk encryption may sound like a low-cost, almost too-easy suggestion for keeping data safe, but research shows that unencrypted devices are still a problem. We’re more mobile than ever. And when everyone on staff is carrying their own personal device, the chance of a lost or stolen device poses a major security risk. The city of Houston found this out recently when a computer containing sensitive information was stolen from an employee’s vehicle.

Encrypted data poses much less of a threat.

Routine Monitoring

Sometimes the biggest threats come from inside your offices. Do you have employees who are looking at information they shouldn’t have access to? Are they accessing data beyond their needs? With policies and tools in place, and routine monitoring of information, you can track what people are doing inside your programs and quickly stop potential threats. More than half of all healthcare industry problems come from within. That’s why tools to monitor access and consistent security training are imperative to keep your company data safe.

Reduce Impact

Keeping potential threats out is the main goal of any cybersecurity policy. But equally important is minimizing the damage once they are in. Websites and email are the easiest ways for attackers to get in. And once in, it’s easy for them to gain control over devices and spread throughout all critical assets.

What’s your plan once they’re in?

For IT Strategy, Cloud Conversion, or Help Desk Services, reach out to us at Silver Linings Technology: 360-450-4759.