Healthcare Data Security Requires Active Employee Participation!
The healthcare industry is being ravaged by threats which show no sign of abating. Increasing ransomware attacks can seriously cripple hospital networks and hamper services. Healthcare data is highly prized on the black market as there are several lucrative ways to use it for fraudulent means, making it a more attractive target than financial or other types of personal data.
Even as the hospital security understands these threats and worry about the theft of sensitive patient data and invest in technical controls to protect their network, they frequently overlook the human element in security. Most hospitals have an effective security policy, but without adequate awareness and training, the staff might open suspicious links or take needless risks that compromise on it. They need to be educated on secure, risk-free behavior and the essential strategies to ensure data security.
A security campaign for healthcare workers needs to gradually develop as an ongoing behavioral program that starts by conducting a high-level risk assessment to identify organizational issues and how staff behavior affects them. Device malfunction, system outrages and stolen or manipulated data contribute to risks that staff needs to be made aware of, along with how to react to each.
The content of the behavior-change security program should be interesting. It is essential that it is not generic but aids workers in understanding the importance of security and their role in protecting data. Ensuring that only relevant information reaches each employee increases the attention paid to this information, which should be constantly reinforced at teachable moments. Depending on the organization, gamification may also be used effectively to encourage appropriate practices.
The security behavioral program should empathize with healthcare workers and seek to integrate data security into their daily responsibilities alongside patient care.
By Linda H. Butler, VP of Medical Affairs/CMO/CMIO, Rex...
By Laura Cruz, Global CIO, MDC Partners
By Greg Morrison, SVP & CIO, Cox Enterprises
By Lowell Gilvin, Chief Process Officer, Jabil
By Joe LaFeir, SVP, IS&S (Information Systems & Solutions),...
By Gerri Martin-Flickinger, CIO, Adobe Systems
By Aaron Weis, VP & CIO, Axalta Coating Systems
By Levon Hooks, CIO-Global Corporate Solutions, JLL
By Steve Bein, VP-GIS, Michael Baker International
By Sam Schoelen, Chief Information Technology Officer,...
By Georgios Kyriakopoulos, VP of Equity Research, SunTrust...
By David Sliter, VP & GM of Communications, Media &...
By Julie Stafford, SVP Strategic Consulting, Tangoe
By Dan Adam, CIO, Extreme Networks
By Scott Craig, Vice President of Product Marketing, Lexmark...
By Aaron Gette, CIO, The Bay Club Company
By Dr. Volker G. Hildebrand, Global VP, SAP Hybris
By Meerah Rajavel, CIO, Forcepoint
By Philip Loftus, SVP IT & CIO, SSM Health
By Christy Hartner, SVP, Commerce Bank