Wednesday, October 16, 2013
Insecure email leads to healthcare security breach
Security breaches can occur from a variety of instances, with many stemming from employees who have been careless or negligent with certain corporate tasks.
Secure File Transfer
Security breaches can occur from a variety of instances, with many stemming from employees who have been careless or negligent with certain corporate tasks. Although data exposure is a problem for any company, it is especially significant for healthcare organizations, given the sensitivity of patient records. The Gaston Gazette recently reported that an insecure email sent by an employee from CaroMont Health revealed patient names, birth dates, insurance company names, addresses and telephone numbers from more than 1,300 people.
A spokeswoman explained that the vulnerability was discovered in August during a standard security audit.
"Based on the information gathered through the investigation, there is no reason to believe that the email was intercepted or received by anyone other than the intended recipient, and there is little immediate risk to health or financial information," CaroMont Health noted in a statement, the news source reported.
Email is a popular communication tool for employees, making it necessary that staff members also take the proper precautions when sending messages through this channel. To avoid putting patient data or corporate information at risk, organizations should consider adopting secure file sharing tools to avoid exposing content that may lead to compliance fines and public distrust.
Organizations lack resources to stop all data leaks
Organizations, regardless of the industry, are struggling to keep data safe at every access point. A survey of 3,529 IT and security professionals by the Ponemon Institute found that every respondent had experienced at least one breach in the past two years. During this time frame, more than half of participants reported that the frequency and severity of attacks increased.
Once an organization experiences a breach, response time is far too long. The survey found that it takes an average of 80 days for firms to identify the root cause of the incident and another 123 days to rectify the situation.
Larry Ponemon, chairman and founder of the Ponemon Institute, said the current security landscape is a grim one for organizations.
"Our study confirms that organizations are facing a growing flood of increasingly malicious data breaches, and they don't have the tools, staff or resources to discover and resolve them," said Ponemon. "Meanwhile, months are passing as their key information assets are left exposed. The results demonstrate a clear need for greater and faster visibility - as well as a need to know the root cause of the breaches themselves - in order to close this persistent window of exposure."
Organizations that do not want to find themselves trying to respond to a security breach must not only have the right tools in place, but also educate the workforce on potential threats. It is imperative that all staff members realize that any misstep sending data can result in exposure of sensitive content. Firms should explain the benefits of secure file sharing solutions and how these options are the safest way to keep data in-house.