Criminals pay ten times more for personal health records than they do for stolen credit cards. The reason? The information contained in a person’s medical file runs so deep that identity theft is markedly easier. Healthcare has proved a lucrative target for hackers. And with the increase in healthcare data breaches costing the industry $6.2 billion annually, it’s clear that true cyber security needs to go beyond HIPAA compliance.
MediaPro recently polled 850 healthcare employees across the U.S. and found that 89% of healthcare organizations have experienced a data breach involving the theft of PHI (protected health information) in the past two years. Yet only 28% of healthcare employees demonstrated the privacy and security awareness to prevent such incidents. More than 18% of these employees were considered risks, meaning their lack of awareness could put their organization in jeopardy of a potentially serious privacy or security incident.
Relying solely on HIPAA compliance as a safety net is not effective. HIPAA courses often do not include information on how to stay cyber-secure. The content does not usually address general cyber security awareness, how to identify threats like malware or phishing attacks, and how employees can often be the first line of defense against a security threat if properly trained.
SLPowers compliance experts live, sleep, and breathe HIPAA HITECH. They know the industry, they know how the bad guys operate. Moreover, they’ll provide employee training that educates about the risks of sharing personal information on the Internet as well as how to recognize a targeted attack and what the protocol is when such a scenario arises. They can keep you both compliant and more secure. Give us a call.