Data breaches threaten healthcare organizations from all angles -- from hackers, thieves and forgetful employees -- and touch all facets of IT infrastructure. Updated HIPAA rules make organizations responsible for the actions of their business associates, too. Healthcare IT security is a daunting task, but with a little planning, it's not an impossible one.
Personal health information is worth 50 times more to thieves than credit card or Social Security numbers, so it's no surprise that healthcare organizations are prone to data breaches. Preventing them is difficult, and so is mitigating the damage they can cause. Here experts discuss how organizations can avoid breaches and a nonprofit that suffered a breach in 2011 explains how it responded.
Healthcare is moving cautiously into cloud computing, virtualization, BYOD and other IT innovations. And there's good reason for the caution. Until an organization's IT leaders take meaningful steps to change what's typically seen as a lackadaisical privacy and security culture, the risk of patient-information loss remains high and costly.
Recent pan-industry data breach reports from Symantec and Verizon Business largely confirm what healthcare already knows about the root cause of its data breaches. But how can organizations step up to improve security?
A recent threat intelligence study reports widespread security vulnerabilities in healthcare organizations, many of which went unnoticed for months. In December, a developer pulled unencrypted data from a 'certified' mobile health app in less than a minute. Why is it so hard for healthcare to get security right?