Today hospitals think they're protected against the worst-case scenario. But the truth is that the usual work behind healthcare web security, monthly audits, firewalls and IDS/IPS, homegrown code, or an off-the-shelf data security audit product, just isn't enough.
The healthcare industry is increasingly targeted by hackers: a Ponemon study on Privacy and Security of Healthcare Data found that 90% of healthcare organizations suffered at least one data breach in a two-year period. The black market places a high bounty on these records, an average of $367 per record, which makes healthcare organizations a prime target. It's no longer a matter of 'if' but 'when'.
Once breached, it takes the cybersecurity systems currently in place an average of 226 days just to discover that the breach occurred, which is over seven months. In that time private patient data has been exposed, login credentials and medical records have been stolen, and it will take an average of another 69 days to contain the damage. Meanwhile the healthcare organization is losing patient trust, its reputation is taking a hit, lawsuits are piling up, and there may be large fines for an avoidable data breach. Worse yet, the attack may be the work of a rogue employee. There's a lot at stake.
Today, the law requires healthcare organizations to notify their patients of a security breach. Before 2013, notification wasn't required unless it was clear that private information had been compromised, and worse, if information had been compromised but no harm appeared to have been done, it didn't need to be reported at all. That's the past: today HIPAA's Omnibus Rule mandates that healthcare organizations notify patients of a breach unless it falls into one of three narrow exception categories, which means almost any unauthorized disclosure of protected health information is presumed to be a breach. A further rule requires that the media be notified when more than 500 residents of a state or jurisdiction are affected; this isn't a form of public humiliation, but a way to disseminate the information as quickly and widely as possible. Finally, determining what was taken has to be done through a risk assessment, which should be conducted by a third-party forensic investigator. During all of this the healthcare organization is still scrambling to contain the breach, let alone work out what has been compromised, while media attention, worried patients trying to learn as much as they can, and possible litigation put stress on the whole organization.
Loss of patient and public trust
Because the laws concerning cyber attacks require that not only patients but the media be told the extent of the damage, it's inevitable that a healthcare organization's reputation is affected. Patient trust is difficult to cultivate, and rebuilding it is even harder. After a cyber attack, a healthcare organization must walk the fine line of regaining trust by disclosing all it can while promising it's doing everything possible to protect patient privacy. The relationship between a healthcare provider and a patient is an intimate one, so regaining the trust that's been lost has to be equally personal: from providing disclosure and reassurance, to stepping up with credit monitoring and other resources after the breach.
The value of a comprehensive monitoring tool
Intruno's machine learning technology identifies unusual login behavior and alerts healthcare data managers whenever a user's activity falls outside that user's normal, expected pattern. Intruno works 24/7 to learn each individual user's normal patterns and adjusts continuously as their behavior changes. It lets healthcare organizations identify malicious insiders, as well as hackers logged in with stolen credentials, in real time in one streamlined, easy-to-use platform. This not only provides actionable intelligence, it means the healthcare organization can better protect other patients' records from being accessed illegitimately. The platform also provides comprehensive reporting that helps with HIPAA/HITECH compliance by giving you all the information you need up front.
The use of Intruno in a healthcare organization can:
- Provide real-time detection of data breaches, allowing the organization to respond quickly, mitigate losses and stop the source of the breach.
- Give healthcare organizations easy access to the information needed to determine how a breach occurred, stop further losses, and meet incident reporting requirements.
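To make the idea of "learning each user's normal pattern and alerting on deviations" concrete, here is an added example of the simplest form of that logic. It is illustration code written for this page, not Intruno's product or any of its algorithms, and it uses constructed EHR audit-log lines rather than real data. It builds a per-user baseline from a training window (hours of the day seen, source /24 networks seen, and the most distinct patient records touched in any single hour), then scores new events against it: an off-hours login from an address outside the assumed clinical network (the stolen-credential case) and a burst of record pulls by a clinician during otherwise normal hours (the insider-snooping case). The log format, the user names, the `10.20.0.0/16` clinical range, the hour tolerance and the burst factor are all assumptions for the example.

```python
"""Per-user login/access baselining with simple anomaly rules.

Added illustration (not Intruno's code): learns each user's normal login
hours and source networks from a training window, then flags events that
fall outside that baseline. All log lines below are constructed.
"""
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed training window: "timestamp|user|src_ip|patient_id" records,
# pretending to be five days of an EHR audit log for two clinical users.
TRAINING = []
for day in range(1, 6):
    for hour in (8, 10, 13, 15):
        TRAINING.append(f"2024-03-0{day}T{hour:02d}:05:00|nurse.alice|10.20.5.{day}|P{100 + hour}")
    for hour in (9, 11, 14, 16):
        TRAINING.append(f"2024-03-0{day}T{hour:02d}:30:00|dr.bob|10.20.7.{day}|P{200 + hour}")

# Constructed events to score: one normal access, one at 03:12 from an
# external address (stolen credential), and twenty different patient records
# pulled in one hour by a user who normally touches one (insider snooping).
NEW_EVENTS = [
    "2024-03-06T10:15:00|nurse.alice|10.20.5.9|P110",
    "2024-03-06T03:12:00|dr.bob|203.0.113.44|P150",
] + [f"2024-03-06T14:{m:02d}:00|nurse.alice|10.20.5.3|P{300 + m}" for m in range(0, 40, 2)]

INTERNAL = ip_network("10.20.0.0/16")  # assumed clinical network range


def parse(line):
    ts, user, src, patient = line.split("|")
    return datetime.fromisoformat(ts), user, ip_address(src), patient


def build_baselines(lines):
    """Per-user profile from a training window: hours seen, /24 source
    networks seen, and the most distinct patients touched in any one hour."""
    hours = defaultdict(set)
    nets = defaultdict(set)
    per_hour = defaultdict(lambda: defaultdict(set))
    for line in lines:
        ts, user, src, patient = parse(line)
        hours[user].add(ts.hour)
        nets[user].add(ip_network(f"{src}/24", strict=False))
        per_hour[user][ts.strftime("%Y-%m-%dT%H")].add(patient)
    return {
        u: {
            "hours": hours[u],
            "nets": nets[u],
            "max_patients_per_hour": max(len(s) for s in per_hour[u].values()),
        }
        for u in hours
    }


def score_events(lines, baselines, hour_tolerance=1, burst_factor=3):
    """Return (timestamp, user, reasons) for every event that breaks its
    user's baseline. The burst rule fires once per user-hour, on the event
    that first pushes the distinct-patient count past the limit."""
    seen = defaultdict(set)  # (user, "YYYY-MM-DDTHH") -> patients touched
    alerts = []
    for line in lines:
        ts, user, src, patient = parse(line)
        prof = baselines.get(user)
        if prof is None:  # no history at all: always worth a look
            alerts.append((ts.isoformat(), user, ("unknown_user",)))
            continue
        reasons = []
        if not any(abs(ts.hour - h) <= hour_tolerance for h in prof["hours"]):
            reasons.append("off_hours")
        if ip_network(f"{src}/24", strict=False) not in prof["nets"]:
            reasons.append("unseen_source_network" if src in INTERNAL else "external_source")
        bucket = seen[(user, ts.strftime("%Y-%m-%dT%H"))]
        bucket.add(patient)
        limit = max(3, burst_factor * prof["max_patients_per_hour"])
        if len(bucket) == limit + 1:
            reasons.append("record_access_burst")
        if reasons:
            alerts.append((ts.isoformat(), user, tuple(reasons)))
    return alerts


if __name__ == "__main__":
    for alert in score_events(NEW_EVENTS, build_baselines(TRAINING)):
        print(*alert)
```

Run against the constructed data this yields two alerts: dr.bob's 03:12 login is flagged `off_hours` and `external_source`, and nurse.alice's fourth distinct record in the 14:00 hour is flagged `record_access_burst` (her baseline is one patient per hour, so the limit is three). Note what a fixed-rule sketch like this does not do and a real deployment must: the baseline never updates, so a slow drift in a user's schedule would start producing false positives, and the burst limit treats every user the same once their history is thin. Those are exactly the problems that continuous, per-user adjustment is meant to solve, and they are also why alerts of this kind should feed an audit trail that records which patient records were touched, since that is the information HIPAA reporting will later demand.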