Enforce Policies on Lost or Stolen Devices
Forty-three percent of data breaches are due to lost or stolen devices, with smartphones and tablets outranking desktop and laptop computers as the devices most likely to go missing. There are numerous examples of employee negligence-related data leakage. At Oregon Health & Science University (OHSU) the PHI of approximately 1,000 patients was exposed when an unencrypted laptop was stolen from an employee's car. In a separate breach, also at OHSU, the PHI of 14,000 patients was compromised when an unencrypted thumb drive was stolen from an employee who brought it home without authorization.
Even when devices are stolen, encryption can prevent data getting into the wrong hands. This makes it vital for organizations to not only implement clearly-defined procedures for protecting mobile and employee-owned devices, but also to enforce them.
5 Ways Health Care Can Achieve Stronger Data Security
5 Ways Health Care Can Achieve Stronger Data Security
The world of health care has been drastically transformed through the development of electronic systems used to transmit data between physicians, diagnostic clinicians, lab techs and other practitioners. Although they have advanced patient care, these systems also make securing of protected health information (PHI) far more complicated than the old "lock and key" approach.
Although more than a year has passed since the cyber attack on health insurance giant Anthem, many industry experts are still asking questions: What went wrong? Who is at fault? Were there preventative measures that could've been taken? And while these questions have yet to be answered, immediate action must be taken to achieve better security. In this slideshow, Mark Hickman, COO at WinMagic, discusses the top five ways health care organizations can protect themselves from a data breach.
