How To Protect Healthcare Records In A Zero Trust World
Louis Columbus writes:
- There’s been a staggering 298.4% growth in the reported number of patient records breached as a result of insider-wrongdoing this year alone according to Protenus.
- The total disclosed number of breached patient records has soared from 1.1M in Q1 2018 to 4.4M in Q3 2018 alone, 680K of which were breached by insiders.
- There were 117 disclosed health breaches in the last 90 days alone.
- On average it’s taking 402 days to discover a healthcare provider has been breached.
Using access credentials stolen from co-workers or stolen laptops, unethical healthcare insiders are among the most prolific at stealing and selling patient data of any insider threat across any industry. Accenture’s study, “Losing the Cyber Culture War in Healthcare: Accenture 2018 Healthcare Workforce Survey on Cybersecurity,” found that the most common ways healthcare employees financially gain from stealing medical records is to commit tax return and credit card fraud.
Treating healthcare’s breach epidemic needs to start by viewing every threat surface, access point, identity, and login attempt as the new security perimeter. Healthcare providers urgently need to take a “never trust, always verify” approach, adopting Zero Trust Security to protect every threat surface using Next-Gen Access for end-user credentials and Privileged Access Management (PAM) for privileged credentials. One of the leaders in Next-Gen Access is Idaptive, a newly created spin-off of Centrify. Centrify itself is offering Zero Trust Privilege Services helping over half of the Fortune 100 to eliminate privileged access abuse, the leading cause of breaches today. Centrify Zero Trust Privilege grants least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment.
Read more on Forbes.
Disclosure: DataBreaches.net provides data and analyses to Protenus, Inc., whose findings are cited in this Forbes piece.