Why Health Data Security Still Has Catching Up To Do

[InfoSec News <alerts () infosecnews org>]

http://healthitsecurity.com/2014/11/17/health-data-security-still-catching/

By Elizabeth Snell
Health IT Security
November 17, 2014

There is no question that the healthcare industry and its subsequent 
health data security options have made great strides over the last several 
years. However, with cyber thieves more interested than ever before in 
medical information, it is essential for healthcare organizations to go 
beyond the standard HIPAA compliance standards.

Mark Ford, Principle of Deloitte Cyber Risk Services, specializes in the 
healthcare industry and discussed the current cyber threats and health 
data security issues with HealthITSecurity.com. According to Ford, the 
healthcare sector has come a long way in the last five years alone. 
However, the industry is still behind others – such as manufacturing and 
financial services – in terms of implementing the necessary cyber risk 
prevention measures.

“What I’ve seen over time is the industry is making progress,” Ford said. 
“It’s still kind of slow, it’s more reactive, and has a more compliant 
focus still. There’s a pretty significant gap between where they are today 
and where they ultimately need to be. The only way to close that gap is to 
obviously understand what it is and does to make sure they can lift 
themselves up to another level of maturity in the future.”

For example, Ford explained that from the mid-1990s to the early 2000s, 
approximately 70 percent of the online threats to the healthcare industry 
were from insider threats. The rest was relegated to hacker threats. 
However, that has shifted as there are now different types of hackers.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/