A series of phishing attacks at UnityPoint health has resulted in the breaching patient information. According to a recent journal, 1.4 million consumer patients received notification regarding possible information breaching. These phishing attacks came as a series of phishing emails meant to target employee email accounts. Medical record numbers, diagnosis information, insurance information, as well as credit card information may have been compromised.
Healthcare Data Breaches
The breaching at UnityPoint represents the latest example of cyber attacks in the healthcare sector . Similarly, UnityPoint Health faced another cyber attack back in April after employee emails were compromised. Consequently, these cyber incidents represent a lack of security measures in the healthcare sector. Specifically, healthcare cyber security remains a threat due to online networking with clinicians, providers and patients. In addition to online networks, healthcare breaches can result in financial costs. According to HIPAA, the average cost of a data breach is $3.62 million which remains higher than any other industry sector. Fortunately, healthcare companies can utilize effective security measurements and protocols to combat cyber data breaches.
Cyber Protection Methods
Ensuring a proper security system to protect data from online threats requires managing software programs as well as train employees to understand external online threats. With that said, the following guidelines include security measurements for healthcare data protection
- Two-Factor Authentication for employee accounts
- Encrypt Patient and employee data
- Update software programs ( Firewalls and and antivirus protection purposes)
- Perform network and application scanning for vulnerabilities
- Train employees on security measurements
Finally, it’s important to note that data breaches also involve HIPAA guidelines. As a result of cyber attacks, HIPAA implemented a breach notification rule which requires covered entities to notify affected individuals of any breaching incident. The policy also mandates covered entities to notify individuals within 60 days of a breaching incident.
Learn more about security and privacy controls for healthcare management. Visit our website today to get started
References
1.4 Million Patients Warned About Phishing Attack. (2018, July 31). Retrieved from https://www.hipaajournal.com/unitypoint-health-phishing-attack-1-4-million-patients/
Healthcare Data Breach Costs Fall to $380. (2017, June 21). Retrieved from https://www.hipaajournal.com/healthcare-data-breach-costs-2017-8854/
HIPAA Basics for Providers. ( 2016, August). Retrieved from https://www.cms.gov/Outreach-and-Education/Medicare-Learning-Network-MLN/MLNProducts/Downloads/HIPAAPrivacyandSecurityTextOnly.pdf
