Security Scare Reminds Healthcare Leaders to Stay Alert
Published: February 09, 2015
Every so often, an incident takes place in the world of healthcare that turns heads across the entire sector, raising red flags and forcing decision-makers to take a close look at the way they organize and manage their operations. As data breaches and other cybercriminal incidents have taken place with growing frequency across sectors, cybersecurity has come into focus as a top-of-mind IT component in healthcare. Now, leaders in the industry have seen first-hand that even the most robust networks require close monitoring and compliance standards to remain protected from digital threats.
Although the healthcare sector has managed to stay relatively secure amidst the widespread cybersecurity crises of the retail and financial services arenas, a recent breach at America's second-largest health insurer, Anthem, is serving as a solemn reminder that network defense is a full-time job for organizations everywhere. According to Yahoo News, the 40 million individuals served by the provider may have had their information compromised, including names, phone numbers, Social Security numbers, home addresses, employment data and more. National leaders have already come forth with statements.
"This attack is another reminder of the persistent threats we face, and the need for Congress to take aggressive action to remove legal barriers for sharing cyber threat information," Texas Representative Michael McCaul, a chairman of the Committee on Homeland Security, said in a press conference this past week, according to the source.
While the exact numbers of exposed patient files have yet to be revealed, Yahoo News suggested that the Athena breach may indeed turn out to be the biggest ever seen in the healthcare sector, proving that decision-makers would be wise to initiate evaluations of their network defenses and educate end users about their responsibility to uphold strong security measures. Institutions should also have incident response plans in place, ensuring that in the event of an emergency, the organization will be able to navigate through its issues in a collected and transparent manner.
Healthcare organizations may have their internal compliance standards on lock, but when it comes to provisioning cloud applications and other third-party IT resources, poor practices can tend to go overlooked. Institutions that partner with cloud providers for services such as ERP software for healthcare must run thorough assessments of their vendors before they integrate these resources into their infrastructures, making sure they select a trustworthy partner.