The rise of cybercriminal activity in healthcare is cause to review current security protocols and practices.Since 2017 is well underway, this may be the right time to modify HIPAA policies and procedures, check those business associate agreements, formalize a breach response plan and carefully review update your security risk analyses.
It didn't take very long for the bad guys to figure out where the valuable ePHI resides and they've made quick work to targeting health plans and healthcare organizations across America. In 2015 alone through 57 large breach events, over 112 patients' data was compromised.
At the present time, based on end of year 2016 data from the OCR wall of shame, nearly 75% of the total number of patients impacted are a result of hacking activities. The number of patients affected by hacking healthcare organizations alone is about 128 million!
Because insider threats remain the best gateway for cybercrime activities, healthcare organizations should take the time to update their HIPAA education arsenal. One of the best defenses is an informed workforce. Periodic reminders with real-life events as examples serve as an excellent way to keep the workforce informed that what they do, makes a difference. Another effective solution is to provide examples of how emails that look authentic can simply be an invitation and gateway to the intruders. Help your workforce be your best first-line defense!
https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
