Strengthening Data Security From End To End

“Ninety-one percent of healthcare organizations reported at least one data breach in the past two years, and more than 60% of hospitals have no breach response plan in place.”

—The Ponemon Institute

2015 ushered in an explosion of many high-profile security breaches, leaving millions of health records exposed and costing exorbitant amounts in time, money and reputation. One in three Americans, in fact, experienced breaches of their healthcare records last year, with large-scale hacks representing 98 percent of data compromises. Most notably, last year’s cyberattack on Anthem exposed nearly 79 million records, and one at Premera Blue Cross affected 11 million individuals. Both were the result of phishing attacks. The publicity around these events has propelled healthcare to the forefront of IT security discussions, especially as it relates to the protection of personal patient data and what can be done to better protect it.

As cyberattacks continue to target the healthcare industry, touching everyone from physicians’ offices to insurers, both the U.S. government and the private sector have started to increase pressure on healthcare organizations to bolster their information security programs. For example, the Department of Health and Human Services has recently updated its HITECH rules, (Health Information Technology for Economic and Clinical Health Act), which require healthcare organizations seeking federal subsidies for implementing electronic health record (EHR) systems to prove that they are addressing the risks inherent to those systems with stronger data protection measures.