Every day in my newsfeed I’m alerted to yet another compromise of patient information. The headlines aren’t always the attention-grabbing ones that we see when major credit companies or big-box retailers are exposed. These are just listed, one after the other, identifying locations of healthcare businesses, whether hospitals or private practices, that have had possible exposures.
If you are part of a private practice or small organization that works in the healthcare industry, you need to be aware: this is happening in your office. It doesn’t always happen in the huge hospital with thousands of employees, the locations that we assume have less control over such a large employee base. This is happening everywhere. The doctor’s office with the same 3 people who have run the front office for years; the dentist you’ve been going to see since you were a child.
Patient data is a coveted treasure among cybercriminals, and unless you are taking measures to protect it from end to end, you are at risk. While working with a trusted IT advisor is critical, you also need to ensure that you are covered if a breach does occur.
Those compromises that are listed in my newsfeed don’t say that patient data was stolen and sold; they merely confirm the fact that it was seen by uncertified eyes. That means they don’t know what happened, but they do know that it could pose a problem in the future. So, in order to protect their business and reputation, they are going to incur the cost of credit monitoring. What you don’t hear about is the cost of the forensic expert or additional breach resources that were needed even to identify whether data was compromised.
Verify that you have a cyber insurance policy to protect you in such an incident. Without it, your business and its health are at risk of “not making it”.
This article was originally published on HIPAA Secure Now! and is republished here with permission. HIPAA Secure Now offers annual online subscriptions to help covered entities and business associates keep up with compliance.