Cyber Challenges for the Healthcare Industry

According to the Identity Theft Resource Center, the Health/Medical sector comprised 35.5 percent of the total overall reported breaches in 2015. The 2016 Verizon Data Breach Investigations Report indicates that 95% of confirmed web-application breaches are financially motivated. A 2016 Ponemon Institute study estimates that over the past two years the average cost of a data breach for a healthcare organization is more than $2.2 million.

Regulatory Obligations and Industry Standards for the Healthcare Sector

Protecting confidential information is more than just a sound business practice: it is a legal and ethical obligation. Healthcare organizations are subject to the Health Insurance Portability and Accountability Act (HIPAA). In August 2014, the Department of Health and Human Services (HHS) announced it plans to implement random HIPAA audits to monitor compliance, and the HHS Office for Civil Rights recently launched an initiative to provide guidance to HIPAA covered agencies in terms of how they can handle ransomware. The Food and Drug Administration has also issued guidance requires the protection of PHI, and 47 states have their own data security laws for the protection of this data. In addition to federal and state regulatory obligations, many healthcare organizations are following industry trends of certifications such as HITRUST and SOC 2 to further bolster their own security standards.

healthcare cyber security

Fortalice’s Expertise in the Healthcare Sector

A wide breadth of healthcare organizations across the country entrust the Fortalice team to provide its cyber security services. Our expertise is relied upon by hospitals, healthcare cost management providers, direct services organizations, and non-profit providers of healthcare support and information. Our steadfast support for these healthcare organizations ranges from providing penetration testing, risk assessments, cyber intelligence assessments, forensics, incident response, and the design of secure technology infrastructures. While our cyber risk client engagements are short, once the relationship is established, our customers come back to us as long-term trusted advisors on the myriad of emerging cyber security issues that they face.

healthcare cyber security

Latest from the Wall