Last month, we hosted a webinar with our CISO, Karim Beldjilali, who was formerly the CISO of Rightway a healthcare startup. Karim shared important security lessons for healthcare organizations leveraging cloud applications across their workforce. We briefly share the highlights below.
HIPAA Security Rules and Privacy Rules were established to secure the Protected Health Information (PHI) data of patients that healthcare organizations collect, process, and/or transmit. The regulation has identified 18 HIPAA Identifiers that are considered as Personally Identifiable Information (PII) which is a part of the PHI data.
Cyber risks are prevalent in all healthcare institutions, and understanding how to mitigate those risks is especially important in today’s cyber landscape. Cyber risk is the sum of all IT risks that can potentially lead to the loss or exposure of critical data, financial damages, reputational damages, and operational stoppages due to a data breach or data leak. Measuring cyber risks involves determining the likelihood and impact of each cyber threat.
The findings from a recent Gartner Peer Insights survey- Cybersecurity in the Healthcare Industry- show that nearly half of participating healthcare organizations have experienced a data breach in the past two years. As the number of connected and unmanaged devices increases, threats targeting IoT, IoMT and OT devices can undermine patients' confidence in the ability of healthcare organizations, and the industry as a whole, to deliver high-quality care and protect their safety.
Cyber insurance is becoming increasingly important and necessary as cyber attacks become more sophisticated and frequent. Healthcare is one of the most targeted industries because of the valuable medical data they handle and the lack of proper cybersecurity protections. Although cyber insurance doesn’t prevent security breaches, it provides a safety net for businesses to cover their financial losses.
How geopolitics and hacktivism is causing trouble for the healthcare industry
According to a report released by IBM and Ponemon, the healthcare sector has the highest rates of security breaches and cyber attacks globally. The average cost of a data breach for healthcare organizations is around $10.1 million, while the global average for all industries sits around less than half of that amount, at about $4.35 million.
Over the past several decades, cybercrime has evolved to be more comprehensive, threatening, and damaging. There is an emerging trend of cybercriminals attacking all sorts of individuals and organizations in the industry. The healthcare industry has been a soft target for many years and healthcare data is a prime target for cybercriminals intent on stealing data.
