The Inside Track to a Health Data Breach
Nearly 20 percent of healthcare employees would be willing to sell sensitive health data to unauthorized parties, and on average for less than $1000. This is according to a 2018 Accenture survey of 912 individuals working in healthcare provider settings or payer organizations.
Furthermore, the study indicates that respondents from provider organizations were significantly more likely than those in payer organizations to say they would sell confidential data (21 percent vs. 12 percent).
If you work in healthcare (or if you’re a patient who entrusts your personal data to healthcare providers), these numbers regarding insider threats should be of utmost concern. Consider the impact this has on healthcare provider organizations. Beyond the estimated average cost of $3.8 million to remediate an incident, shutting down systems because of a data breach could significantly affect an organization’s ability to deliver quality patient care.
Understanding the Insider Threat
The threat from insiders is not always due to malicious intent. According to Verizon, 41% of the health data breaches were driven by non-malicious misuse of data, including bypassing security measures out of convenience.
To further complicate the matter, insiders are not limited to employees. Anyone with authorized access to an IT network is an insider, including contracted physicians and their staff, vendors, partners, volunteers and others.
This is why many healthcare providers do not take this topic lightly. In a recent survey conducted by HIMSS and SailPoint, 78% of the responding health IT professionals considered insiders an equal or greater threat than intrusions from outsiders.
Addressing Risk of an Insider-Triggered Data Breach
Sensitive information can be stored in applications and data files, whether on-premises or in the cloud. To identify and control who has access to what, who should have access and how that access is used, healthcare organizations must apply identity governance. In doing so, organizations can secure sensitive patient data without impeding clinicians’ access to the information they need for delivering quality, timely patient care. Here are several examples of how identity governance is applied:
- Prevent Data Breaches by appropriately provisioning/deprovisioning access rights
- Reduce Audit Fines by proving regulatory compliance to auditors
- Improve Efficiencies by automating access reviews
- Optimize Workflow through self-service password management and access requests
While these capabilities should be central to any balanced cybersecurity program, we are only scratching the surface of what this technology is designed to deliver for healthcare provider organizations. Identity governance can support privileged account management, provide critical audit trails, and apply machine learning/artificial intelligence to analyze and highlight risky user access. All of these capabilities have significant implications for a healthcare organization’s ability to mitigate security and compliance risk triggered by insiders.
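As an added illustration (not the article's or SailPoint's code), here is a constructed access review in Python that applies the provisioning/deprovisioning and access-review ideas above: it compares an application's account export against the HR roster and a hypothetical role model, flagging orphaned accounts, entitlements outside the holder's role, and dormant privileged access. All user names, roles, entitlement names and dates are assumptions made up for the example.

```python
"""Constructed access-review example; every name, role and date below is invented."""
from datetime import date

# Hypothetical role model: the entitlements each role is allowed to hold.
ROLE_MODEL = {
    "physician": {"ehr_read", "ehr_write", "order_meds"},
    "nurse": {"ehr_read", "ehr_write"},
    "billing": {"claims_read", "claims_write"},
    "contractor_it": {"ehr_admin"},
}
# Entitlements treated as privileged (dormancy is checked for these).
PRIVILEGED = {"ehr_admin", "order_meds"}

# Constructed HR roster: who is still active and in which role.
HR_ROSTER = {
    "jdoe": {"role": "physician", "active": True},
    "asmith": {"role": "nurse", "active": True},
    "bjones": {"role": "billing", "active": False},  # terminated, never deprovisioned
    "vendor01": {"role": "contractor_it", "active": True},
}
# Constructed EHR account export: who actually holds what, and last use.
EHR_ACCOUNTS = [
    {"user": "jdoe", "entitlements": {"ehr_read", "ehr_write", "order_meds"}, "last_used": date(2024, 5, 2)},
    {"user": "asmith", "entitlements": {"ehr_read", "ehr_write", "order_meds"}, "last_used": date(2024, 5, 3)},
    {"user": "bjones", "entitlements": {"claims_read", "claims_write", "ehr_read"}, "last_used": date(2024, 3, 1)},
    {"user": "vendor01", "entitlements": {"ehr_admin"}, "last_used": date(2024, 1, 10)},
    {"user": "ghost", "entitlements": {"ehr_read"}, "last_used": date(2023, 12, 1)},  # no HR record at all
]
REVIEW_DATE = date(2024, 5, 10)  # assumed date the review is run


def review_access(roster, accounts, today, dormant_days=60):
    """Return (user, finding, entitlements) tuples an access reviewer should act on."""
    findings = []
    for acct in accounts:
        user, held = acct["user"], acct["entitlements"]
        person = roster.get(user)
        if person is None or not person["active"]:
            # Deprovisioning gap: account survives an unknown or departed person.
            findings.append((user, "orphaned_account", sorted(held)))
            continue
        excess = held - ROLE_MODEL.get(person["role"], set())
        if excess:  # Access beyond what the role justifies (least privilege).
            findings.append((user, "excess_entitlement", sorted(excess)))
        dormant = held & PRIVILEGED
        if dormant and (today - acct["last_used"]).days > dormant_days:
            findings.append((user, "dormant_privileged", sorted(dormant)))
    return findings


if __name__ == "__main__":
    for user, finding, ents in review_access(HR_ROSTER, EHR_ACCOUNTS, REVIEW_DATE):
        print(f"{finding:20} {user:10} {', '.join(ents)}")
```

Each finding maps to an action the article names: orphaned accounts are deprovisioned, excess entitlements are revoked or re-certified by the manager, and dormant privileged access is removed or moved under privileged account management.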
To truly understand how identity governance addresses concerns with insiders, check out the insider threats resource site created specifically for healthcare provider organizations.