In the information security world, few industries have as much sensitive data to protect as the healthcare industry. To complicate matters, the healthcare industry has recently fallen victim to a series of high-profile data breaches and cyber attacks, several of which came not from external sources but from organizations’ own employees.
As the healthcare industry is shaped by new technologies designed to maximize visibility and facilitate care delivery, organizations have inadvertently acquired a gaping weak spot in their IT infrastructures, making it easier than ever for employees to steal and share sensitive patient information.
Veriato’s 2018 Insider Threat Report, performed with Cybersecurity Insiders, revealed that 90 percent of organizations surveyed felt vulnerable to insider attacks. Moreover, these organizations considered insider threats to be more challenging to prevent and detect than external attacks. No matter the source of the threat, a data breach or cyber attack will yield the same damage to a health organization’s reputation and rack up remediation costs and HIPAA fines.
Fortunately, cybersecurity technology is evolving to manage healthcare’s growing insider threat problem. IT solutions are garnering popularity in the sector, bolstering existing EHR systems and IT infrastructure to safeguard patient data, prevent costly breaches, and help organizations meet HIPAA security requirements.
Tech solutions are maximizing visibility of operations and ensuring HIPAA adherence with capabilities like:
Risk Analysis Monitoring: Software can track how users access, interact with, and use patient data. It can learn baseline behaviors and send alerts when it detects anomalies that may signal a threat. This capability means healthcare organizations have a clearer picture of what exactly is happening with their patient data. It allows them to assess the confidentiality, integrity, and availability of sensitive information across all applications and platforms. Finally, organizations can get a comprehensive look at who is accessing sensitive data and how they are using it. By utilizing software to keep an eye on employee-data interaction, insider threats are flagged more quickly, more accurately, and more efficiently than ever before.
Information System Activity Reviews: Threat prevention software can also catalogue activity on a user-by-user basis. This not only shows when sensitive patient data is accessed, but also records the actions before and after the data retrieval. This lets organizations see what likely prompted the data retrieval, what was done with the data, and whether or not it was a secure behavior. This review capability can also reveal behavior patterns so that if users don’t follow their typical process, those actions will trigger a potential threat alert. Reviewing per-user activity helps IT profile individuals to get an idea of who in the organization is participating in risky behaviors that could lead to a data breach. The capability to detect unusual activity based on individual patterns means a malicious insider can be detected more quickly and easily.
Audit Controls: To be HIPAA compliant, healthcare organizations are required to have methods to monitor activity within systems containing patient data. But to have a clear understanding of what’s actually happening with that data, security teams need to see more than just user activity within an EHR. Now, organizations can invest in technology that can monitor user activity not only within systems containing patient data – but also within any other application. This allows security teams to see what actions a user takes surrounding the access point, so they can understand what was done with the data.
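To make the per-user baseline and activity-review ideas above concrete, here is an added example (not taken from the article or from any vendor's product) that flags a day on which a user views far more patient records than their own history suggests, then lists what that user did around the access. The event fields, user names, and thresholds are all assumptions, and the audit events are constructed sample data.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed audit events: (user, day, seq, app, action, record_id or None).
def build_events():
    ev = []
    for day in range(1, 6):                      # five ordinary days
        for u, n in (("nurse_a", 8), ("clerk_b", 5)):
            ev += [(u, day, s, "ehr", "view_record", f"P{day}{s:02d}") for s in range(n + day % 2)]
    # Day 6: clerk_b opens far more records than usual, then exports and uploads.
    ev += [("nurse_a", 6, s, "ehr", "view_record", f"P6{s:02d}") for s in range(9)]
    ev += [("clerk_b", 6, s, "ehr", "view_record", f"P6{s:02d}") for s in range(40)]
    ev += [("clerk_b", 6, 40, "ehr", "export_csv", None),
           ("clerk_b", 6, 41, "browser", "upload_file", None)]
    return ev

def daily_counts(events):
    """Distinct patient records viewed per user per day."""
    seen = defaultdict(set)
    for user, day, _seq, app, action, rec in events:
        if app == "ehr" and action == "view_record":
            seen[(user, day)].add(rec)
    counts = defaultdict(dict)
    for (user, day), recs in seen.items():
        counts[user][day] = len(recs)
    return counts

def alerts(events, min_history=3, threshold=3.0):
    """Flag days where a user's count exceeds their own prior baseline."""
    out = []
    for user, per_day in daily_counts(events).items():
        days = sorted(per_day)
        for i, day in enumerate(days):
            history = [per_day[d] for d in days[:i]]
            if len(history) < min_history:
                continue                          # not enough data to judge yet
            mu, sigma = mean(history), max(pstdev(history), 1.0)  # floor avoids noisy alerts
            if per_day[day] > mu + threshold * sigma:
                out.append((user, day, per_day[day], round(mu, 1)))
    return out

def context(events, user, day):
    """Non-view actions by the user that day, in order, across all applications."""
    rows = sorted((e for e in events if e[0] == user and e[1] == day and e[4] != "view_record"), key=lambda e: e[2])
    return [(app, action) for _u, _d, _s, app, action, _r in rows]

if __name__ == "__main__":
    for user, day, n, mu in alerts(build_events()):
        print(user, day, n, mu, context(build_events(), user, day))
```

The alert on its own only says the volume was unusual; the export and upload returned by `context` are what tell a reviewer what was done with the data, which is why the article stresses monitoring beyond the EHR itself.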
Overall, security tech is streamlining processes for healthcare organizations to demonstrate HIPAA compliance by bolstering the security of sensitive patient data with in-depth assessments of who is using the data and how they are using it – pointing security teams to suspicious activity or gaps in coverage.
It’s imperative that health organizations admit that insider threats aren’t just possible – they’re inevitable. From malicious insiders to uneducated, but well-meaning employees, patient data is in danger from the inside of your organization. Put emerging technology to use protecting your data from the inside threats to your company.
Mike Tierney is CEO of Veriato, a behavior analytics and monitoring company that develops solutions to provide companies visibility into insider activities to improve their security.