Six Steps to Effective Healthcare Data Breach Response
Six Steps to Effective Healthcare Data Breach Response

Healthcare IT is undergoing a complex and challenging transformation. Today healthcare IT departments must not only keep up with ever-changing regional and global regulations surrounding protected health information (PHI), they also have to stay one step ahead of cybercriminals and situations that could lead to data breaches—even if they’re accidental.

Healthcare organizations can take a layered approach to data security to help prevent data breaches, but security is fallible and even the best prepared organizations will inevitably suffer a data breach. Last week, we addressed some of the Best Practices for Healthcare Data Breach Prevention, and this week we move on to addressing how to mitigate the damage of a potential security incident.

The costs and consequences of a data breach can cripple a healthcare organization, especially if it is not handled quickly. A 2015 study reported that the average cost of a data breach to a health practice is as much as $363 per medical record, and another states that the potential cost of breaches for the healthcare industry could be as much as $5.6 billion annually. In our whitepaper, Six Steps to Effective Healthcare Data Breach Response, we outline ways you can mitigate the costs and fallout of a potential data breach:

  1. Limit the damage of a security incident, which in some cases prevents it from becoming a data breach
  2. Collect, document and analyze evidence
  3. Determine the extent of the damage
  4. Understand the regulations
  5. Determine a plan of action
  6. Send compliant notifications

We outline each of these points in full in our whitepaper. Learn more about how to set up your data breach response plan in our whitepaper.

Absolute can help your organization maintain regulatory compliance by allowing you to prove that encryption or other security measures were in place at the time a security incident occurred. By allowing you to report on the status of the data on the device, Persistence technology enables you to identify if data was accessed post-breach, and whether a breach notification must occur. Absolute can help you identify potential security threats and respond rapidly before they become damaging security incidents. Learn more about Absolute’s security solutions for healthcare here.

ABOUT THE AUTHOR

Arieanna Schweber

Arieanna Schweber has been a part of the Absolute writing team since 2007. Arieanna was Canada’s first female professional blogger and has been professionally blogging since 2006 and has spoken at leading blogging conferences including BlogHer and Northern Voice. Arieanna has a joint degree in Business and Communications from Simon Fraser University and continues to build communities for Vancouver-based clients.