The threat of a data breach in a health care facility is daunting. Privacy is the foundation of hospitals’ information systems, and compliance with the Health Insurance Portability and Accountability Act (HIPAA) – along with the facility’s reputation – will be jeopardized if just one patient’s information falls into the wrong hands. Health care facilities are particular targets for two reasons:
- Type of data stored: Health care facilities may keep a patient’s social security number, insurance and financial account data, birth date, name, billing address and phone, making them a valuable target for cyber attack.
- Many potential vulnerabilities: Health care facilities are obligated to provide access to several external networks and Web applications in order to stay connected with patients, employees, insurers or business partners. The volume of data shared represents a risk.
It is much less costly, both from a financial and reputational point of view, to prevent a cyber breach than to notify individuals and the Department of Health and Human Services of a breach as required by HITECH. To read the full article, click here. For more information, contact Meagan Krause Kohut at mkohut@deeleyinsurance.com or Nikki Strickler at nstrickler@deeleyinsurance.com.
