It was reported last week that a nurse was fired for accessing hundreds of patient records, at Belleville General Hospital in Canada. At this stage it is unclear what information was accessed, but this could include the names, addresses, birth dates, health card numbers and other health information of patients. This type of data is particularly valuable to criminals (often worth up to ten times more than credit card data), as it can be used for ID fraud purposes and the resulting fraudulent activities often go undetected for some time. An ongoing investigation is in place to identify when the Belleville information was accessed, but it is believed to be an isolated incident.
This is not the first healthcare related data breach and it is unlikely to be the last. In fact, there are increasing numbers of reports hitting the headlines, relating to phishing attacks, cyber security, print security and human error, to name a few examples.
Because of all these threats, it is time for the healthcare sector to assess their current security strategy to ensure they have invested in the right solutions to protect and monitor their organization from possible data security breaches. Only by performing this activity can they be sure they have sufficient measures in place to protect patient data from getting into the wrong hands. In addition, compliance with HIPAA (The Health Insurance Portability and Accountability Act) is equally important so this should also be fully examined.
To start this process, customers should be encouraged to learn how others have approached this important task. Read and forward this case study to your customers to show them how one healthcare organization has overcome this challenge, whilst enhancing compliancy with HIPAA.