Whether they’re deliberately introducing infections or just careless about data hygiene, people who work in healthcare are a big reason for the ill health of the industry’s cybersecurity.
A March report from Verizon found that nearly six in ten cybersecurity incidents in the healthcare industry involve insiders — sometimes just to look up personal information about friends, family members, and celebrities out of curiosity, but often stealing data for tax and credit fraud. In fact, a survey released in March by Accenture revealed that 18% of healthcare employees expressed a willingness to sell confidential data to unauthorized third parties for as little as $500. Another 24% said they actually know someone who had sold their access credentials.
To mitigate this threat and protect sensitive Patient Health Information (PHI), healthcare organizations need to take preventive measures like implementing disk encryption, regularly reviewing PHI access logs, and developing an incident response plan. Check out Xantrion’s guide to the most critical aspects of risk assessment, then contact us for help inoculating yourself against insider threats.