2015 has been cited as the “Year of the Healthcare Data Breach,” and sure enough the data for the year has been supporting this. The average cost of a data breach is highest in healthcare than in any other industry, up now to $5.9 million per breach. With healthcare data breaches on the rise, being more targeted now than at any other time, and with the cost per breach rising, healthcare is being set a stiff challenge to protect sensitive data. Compounding this challenge is the fact that healthcare organizations face more “risky” scenarios than ever before.
In an article on CSO Online, Maria Korolow outlines the unique security challenges facing healthcare organizations, including:
- Personnel issues related to the large number of people who need to access patient records, some of whom are temporary
- Device issues, with sensitive data spread across many devices – laptops, mobile devices, servers, desktops and specialized devices for inputting medical data
- Medical equipment issues related to devices that often have closed systems and can create a back door into hospital networks
The value of PHI to cybercriminals just keeps going up, meaning that cybercriminals are out to exploit any weakness they can find. Forrester estimates that 78% of data breaches in the healthcare sector are due to lost or stolen devices. Other estimates tie up to 90% of all security incidents back to “people” – mistakes, phishing, bad behaviour, or lost stuff.
The article on CSO Online talks about the need to protect all devices that access sensitive data: to quickly be alerted of loss, to remotely wipe data, and get the clinician up and running again. The article reiterates the importance of ongoing updates to security controls in healthcare and how well those security controls are managed. In addition, the issue with “people” being the root cause of many data breaches is a reminder to focus both on education and on data breach preparedness – since mistakes will happen.
How we can help: Your data security strategy should be bolstered by a persistent security and management solution that offers IT a trusted lifeline to each device in their deployment, regardless of user or location. Using Mobile Device Management Software as your solution, IT administrators have the ability to receive encryption and anti-virus status reports, monitor potentially suspicious devices, and remotely invoke pre-emptive or reactive security measures such as device freeze, data delete or data retrieval. At S3 Corp., we are among the leading Viet Nam Software Outsourcing companies whose expertise lies in Data security. We have been partnering with many world leading IT technologies in MDM, which have proven S3 Corp.’s expertise data security industry.