Future Healthcare Today
  • About
  • Payer
  • Provider
  • Pharma & Life Sciences
Subscribe
No Result
View All Result
  • Digital Transformation
  • Telehealth
  • Cybersecurity
  • Patient Experience
  • Clinicians
  • Resources
    • COVID-19
Future Healthcare Today
  • Digital Transformation
  • Telehealth
  • Cybersecurity
  • Patient Experience
  • Clinicians
  • Resources
    • COVID-19
No Result
View All Result
Future Healthcare Today
No Result
View All Result
Home Cybersecurity

The Human Factor in Securing Healthcare Data

by Jenna Sindle
May 11, 2017
in Cybersecurity, Digital Transformation
Reading Time: 4 mins read
A A
securing healthcare data
Share on FacebookShare on Twitter

All organizations must manage the human factor in defending and protecting data, but healthcare providers and payers have unique challenges. While many think of technology as the frontline solution against cyber threats people are, in fact, the most important factor in information security from the perspective of both network defense and cyber attackers.

You could have the most sophisticated technology in place to protect your networks but if your employees aren’t practicing good cyber hygiene from password best practices to knowing what a phishing email looks like, then you’ve got a significant gap in your security posture. Equally, while we talk about malware and other tools attacking our networks, what we’re really dealing with are the humans behind those tools. If we understand their motivation, how they’re funded and the digital signatures they leave behind, we’re much better equipped to protect our data and our networks.

There are three types of people CISOs and their teams need to keep in mind when designing their cyber defenses. The first is the malicious insider – the person who feels that they’ve been wronged by the company they work for; the second is the cyber attacker – the compromised insider who’s motivated by financial gain or supporting nation-state goals; and finally the accidental threat – the person who means no harm but whose lack of awareness leads them to expose data to risk.

Each type of human threat vector needs a defense strategy that’s part of the overall information security posture so that the information from each attack becomes part of the broader anomaly detection process. The more you understand about your network threats the more likely you are to be successful in preventing intrusions, reducing dwell time, and successful remediation. Healthcare organizations that have invested in next-generation technology that leverages machine learning are able to gain even more insight by applying analytics to understand user behavior and identify and remediate anomalous activity far more quickly.

The convergence of human activity, machine learning and the application of analytics to detect and remediate anomalous behavior is just one example of putting all three parts of the information security equation together for great effect. The next generation of security products focuses on this intersection. Another interesting tech example is adding a DVR-like agent to an endpoint, like a desktop or laptop, which is triggered to record if a policy is violated or anomalous behavior is detected. For instance, if someone is using the endpoint outside their normal business hours, it would trigger recording and alert analysts, who can quickly determine which of the three buckets the individual using the endpoint falls into. These types of tools help organizations defend their networks more effectively, mitigate and remediate the incursion more efficiently, and protect highly sensitive data in ways we haven’t been able to before.

In the end, there are three key steps to ensure healthcare data is protected in your organization; each one involves collaboration between people and technology to drive better information security.

First: Educate your employees and end-users on everything from password security to how to recognize a phishing email.

Then: Bring in business unit stakeholders and collaborate to assess and assign risk for each part of the organization based on what data each stakeholder collects, where that data is stored and how they need to access and use information.

Finally: Develop workflows and governance rules to prevent data loss. For example, with Epic introducing cloud-based records systems, information that was once stored on-premise will now be stored in a hosted facility. CISOs need to adjust information access policies according to the types of new vulnerabilities introduced by this change, which includes the ability to access PHI via mobile devices from anywhere. In this situation, it would be wise to introduce tiered access policies and two factor authentication (2FA) at a minimum.

Interested in learning more about the human factor in protecting PHI and PII? You can find useful resources here.

Tags: 2FABig Data Analytics SecurityEHR SecurityEndpoint SecurityEpicForcepointhealth IT securityHealthcare Information SecurityMachine Learning Securitytwo factor authentication
Advertisement Banner

RELATED POSTS

HIMSS 2022: Interoperability to Shape Conference Conversations
Patient Experience

HIMSS 2022: Interoperability to Shape Conference Conversations

March 10, 2022
Contributed Articles

Cybersecurity Threats Facing the Healthcare Sector During the Pandemic and How to Defend Your Organization

May 26, 2021
Brian Pruitt Shares his Insights on Getting the Most out of HIMSS20
Digital Transformation

Brian Pruitt Shares his Insights on Getting the Most out of HIMSS20

February 27, 2020

TRENDING NOW

  • National Provider Directory

    National Provider Directory: Part 1 of New Regulatory and Legislative Activities for CMS

    515 shares
    Share 206 Tweet 129
  • CMS Looks to Simplify IDR Process: Part 3 of New Regulatory and Legislative Activities for CMS

    501 shares
    Share 200 Tweet 125
  • Advanced Explanation of Benefits: Part 2 of New Regulatory and Legislative Activities for CMS

    505 shares
    Share 202 Tweet 126
  • Health-Seekers Level Up Self-Care with Gamification Apps

    511 shares
    Share 204 Tweet 128
  • Interconnectivity in Healthcare is the Key to Collaboration Which Delivers Better Patient Outcomes

    720 shares
    Share 288 Tweet 180

CONNECT WITH US

Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner
Advertisement Banner Advertisement Banner Advertisement Banner

BECOME AN INSIDER

Get Future Healthcare Today Insider news and updates in your inbox.

Strategic Communications Group is a digital media company that helps business-to-business marketers drive customer demand through content marketing, content syndication, and lead identification.

Related Communities

Financial Technology Today
Government Technology Insider
Modern Marketing Today
Retail Technology Insider
Today’s Modern Educator

Quick Links

  • Home – 2021
  • About
  • Contact Us

Become a Sponsor

Future Healthcare Today offers content and advertising sponsorships to leading healthcare solution and service providers. Interested in becoming a sponsor? Contact us!

© 2023 Strategic Communications Group, Inc.
Privacy Policy      |      Terms of Service

No Result
View All Result
  • Home
  • About
  • Payer
  • Provider
  • Pharma & Life Sciences
  • Categories
    • Digital Transformation
    • Telehealth
    • Cybersecurity
    • Patient Experience
    • Clinicians
  • Contact Us