We’ve witnessed a great deal of change in the healthcare sector over the last two years. As the world has adapted to a global pandemic, the entire medical field has moved quickly to adapt, and that’s meant rapid change in terms of technology. We’re seeing more remote communication and collaboration, more devices, and more data. This has all translated to great gains in productivity, not to mention better patient results – but it’s also prompted serious questions about security fortification.
According to Security Magazine, there’s a major disconnect right now between how much healthcare organizations claim to prioritize data security and how much they’re actually investing in it. Hoala Greevy, founder and CEO of Paubox, cautioned that 18% of organizations are allocating only 1% or 2% of their IT budgets to security, and a host of others are not much better. If they really wanted to put their money where their proverbial mouths are, they’d be putting real resources into training, technology, compliance, and more.
“Twenty-four million Americans had their PHI stolen in 2020 as a result of 505 reported healthcare data breaches,” Greevy noted. “Organizations that neglect to enhance their cybersecurity measures will only add to the number of data breaches now and later. By diligently training employees, enforcing 2FA, leveraging email encryption, and preparing an attack strategy, organizations can better prepare to address the ever-present threat of cyberattacks and protect their ability to serve their patients.”
For any health organization to tackle their security weaknesses once and for all, they first need to identify and understand them. So let’s take a look at a few areas where they often struggle:
- Gaps in employee training. All it takes for your organization to be vulnerable is one employee that’s a weak link – falling victim to an email scam, sharing private data they aren’t supposed to, or whatever else. With comprehensive training that covers every single employee, you can ensure there are no leaks in your ship.
- Weaknesses in email systems. Healthcare employees rely on email portals to regularly send and receive electronic protected health information (ePHI). Needless to say, if there are any vulnerabilities in your system, it’s guaranteed to be a target for hackers looking to steal privileged data.
- Insufficient user authentication. Do you know who’s accessing your organization’s network and devices at all times? It’s essential that you do. With a more robust approach to verifying user identities – like, say, two-factor authentication – you can do away with unauthorized system use and ensure that no potential bad actors can sneak in.
- A lack of contingency plans. What if your organization is attacked – do you have a plan in place for what happens next? How will you remediate the attack? How will you recover lost data? What can you do to ensure operations continue as normal, without interruption? It’s best to have these strategies mapped out in advance, so you aren’t scrambling in the heat of the moment.
Especially these days, the security challenge can be daunting. But at Zones, we’re here to help you overcome it. Security Fortification is one of the core areas of focus for our business – we work every day to help clients like you identify their security strengths and weaknesses and make strategic improvements. We have a host of Security Assessments available to get you started, along with a wide range of security offerings from Endpoint Security to Authentication & Data Security. To learn more, connect with us today.
Zones : Mar 29, 2021 5:00:00 AM
Zones