In this latest blog post we are going to show you how to best set up Nightfall to discover and protect HIPAA data stored across your organization, maintaining patient privacy and helping avoid regulator fines.

With Nightfall’s enhanced PHI detection capabilities, which are based on an advanced combination of logic and context, it is very easy to identify specific instances of PHI unique to organizations. What’s even better is that all of this can be automated and tie seamlessly into existing customer workflows.

Healthcare statistics by HIPAA revealed that healthcare cybersecurity incidents fell by 8% in February 2022 but still faced 46 incidents affecting 2.5 million people.

The wide penetration of internet facilities has its imprint on almost all sectors, including the healthcare industry. With most people using smartphones, the demand for online applications is tremendously increasing. As a result, people are shifting towards tele-medication and treatment. However, every successful product has its drawback. Likewise, the popularity of healthcare applications has also captivated more security threats.

The HIPAA 1996 (Health Insurance Portability and Accountability Act) is a federal law enacted by the U.S. Congress that regulates how healthcare organizations handle PHI (protected health information) and ePHI (electronic protected health information). This includes complex and extensive rules for protecting critical medical data and sensitive patient information, so HIPAA non-compliance is often met with severe penalties.

The healthcare sector has become a popular target for cybercriminals and is one of the most targeted industries by cyber criminals. In 2022, 324 attacks were reported in the first half of the year. As bad actors continue to target the healthcare industry, cybersecurity experts and healthcare administrators should be aware that attacks are frequently impacting smaller companies. These numbers point to unusual trends occurring in the healthcare industry.

The Health Insurance Portability and Accountability Act (HIPAA) is U.S. legislation that sets national privacy and security standards to protect the privacy of patient health information and prevent data breaches. In addition to doctors, hospitals, other healthcare providers, health insurance companies and “business associates” of healthcare organizations fall under HIPAA regulations.

Do ransomware gangs actually have a heart? Perhaps... Just days before Christmas, on the night of Sunday 18 December 2022, Canada's Hospital for Sick Children (better known as SickKids) was hit by a ransomware attack. The Toronto-based teaching and research hospital reported that the attack had impacted its internal systems, phone lines, and website.

A review of recent Kroll incident response cases consistently proves that the healthcare industry is one of the most frequently targeted sectors. This observation mirrors what is experienced by national cybersecurity agencies as multiple warnings have been launched during 2022, highlighting how ransomware gangs and nation state actors are now aggressively targeting healthcare institutions.

Two weeks ago, I had the opportunity to attend and speak at the H-ISAC fall summit here in Phoenix. As always, this conference is a great opportunity to meet back up with customers and friends from all around the Healthcare sector. This leads to illuminating conversations that really give me a higher definition picture of what is happening in the trenches and helps me better understand how the work we’re doing here at Netskope can help.