It’s not good to be in Healthcare IT these days, judging by the latest . With over 3 million records put at risk by both insiders and external attacks in Q2, healthcare orgs need to be vigilant.


The Q2 2018 Breach Barometer report from Protenus paints a bleak picture for the of health data. If you’re in healthcare, you should be concerned. Some of the Q2 2018 findings include:

  • 142 Data (up 29% over Q1)
  • 3.1 million records (up from 1.1 million in Q1)
  • Healthcare worker-related breaches are up 272%

To make this worse, nearly 30% of healthcare organizations experienced more than one data breach. According to the Protenus report, organizations that do not detect and mitigate the first breach have a greater than 30% chance of having another breach within 3 months, and a 66% chance within 12 months. In other words, if the organization isn’t educating users on appropriate use, monitoring for policy violations, and addressing breaches – even minor ones – the odds are the problem will only compound. Additionally, the problem is exacerbated by insider infractions – 9 out of every 1000 employees breach patient privacy, mostly snooping around the records of family members.

So, why is Healthcare seeing so many data breaches?

There are two issues found within the Protenus data:

  • Not enough staffing – on average, only 1 investigator is assigned to 4000 EHR users across 2.5 organizations, making it nearly impossible for healthcare organizations to stay on top of monitoring user behavior.
  • The complete lack of a security culture – The snooping and repeat breaches clearly demonstrate that users are not educated and instilled with a need to preserve corporate security. In fact, 78% of healthcare organizations have inadequate data privacy and security awareness training in place.

Improving the number of investigators may be tough – some organizations are leveraging third-party investigation services, making it cost-ineffective to have someone full-time monitoring user activity. What healthcare organizations need to do is focus on the part of the problem they can definitely address – the security culture. By establishing Security Awareness Training, healthcare organizations can communicate their expectations of the users around data security, snooping, and interaction with email and the (both entrance points for external attacks). By doing this, they can reduce the likelihood of successful malware attacks used to gain access to the network, insider threats, and inquisitive workers looking to take a peek at a patient’s records.


 Phishing Security Test

Did you know the average Phish-prone™ percentage in the Healthcare industry is 28%? Find out how you compare.

Healthcare records are a big target for cybercriminals because these records include valuable personal, medical, and financial information. We help you train your employees to better manage the urgent IT security problems of social engineering, spear phishing and attacks. Take the first step now. Find out how many of your users will click and see how you compare to your industry peers.

Go Phishing Now!

PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer
