Device Loss Continues to Hit Hard in the Healthcare Sector
Device Loss Continues to Hit Hard in the Healthcare Sector

Data breaches cost the healthcare industry an estimated $5.6 billion annually. This isn’t surprising since 90% of healthcare organizations reported at least one data breach in the past 2 years – and 38% reported more than 5.

In a post on HealthITSecurity, Elizabeth Snell writes about two recent examples of how Equipment Thefts Lead to Health Data Security Breaches.” In her article, Elizabeth details the breach at Valley Community Healthcare in California following the theft of a laptop from an EKG room; the second breach involved the theft of two backup hard drives from the Indiana State Medical Association. If you look at the 2015 data breaches reported so far, you will see a pattern of mistakes in the handling of data devices that have resulted in data breaches, often affecting the healthcare industry.

As Elizabeth notes, “Healthcare organizations need to remain diligent in how they store, transport and access sensitive patient data.” 78% of data breaches in the healthcare sector are due to lost or stolen devices, a fact which is often overlooked by the recent focus on cyber attack. While cyber attacks are indeed on the rise, the endpoint remains a vulnerable point for most healthcare organizations. These risks come from data stored on the endpoint as well as contributing data or network access, which could facilitate a successful cyber attack.

Healthcare organizations can take control of data security, ensuring that when data breaches do happen (people will make mistakes), they may not lead to a data breach. Good endpoint security solutions, such as Absolute Computrace, offer key security functions in governance, risk management and compliance (GRC). Our solution includes an audit trail to show who viewed the data, whether it has been changed, where it resides, and how it’s protected (including the status of encryption); if files are deleted, the audit trail can prove it. This is all supported by Persistence technology, which cannot be removed. Absolute Computrace can help you supply the ‘burden of proof’ required by HIPAA, avoiding a costly data breach notification requirement.

For more on healthcare data protection, visit our website or read our recent article on the Top Tips for Keeping Patients’ Healthcare Data Protected.”

ABOUT THE AUTHOR

Arieanna Schweber

Arieanna Schweber has been a part of the Absolute writing team since 2007. Arieanna was Canada’s first female professional blogger and has been professionally blogging since 2006 and has spoken at leading blogging conferences including BlogHer and Northern Voice. Arieanna has a joint degree in Business and Communications from Simon Fraser University and continues to build communities for Vancouver-based clients.