From June to December of 2019, more than 500 data breaches were reported in Australia. This was an increase of 19% over the previous six months… Is your data safe?
Health service providers were the leading source of data breaches, accounting for 22% of all breaches. Most of these were the result of malicious or criminal attacks such as malware, phishing, brute-force attack and compromised or stolen credentials. A third of the breaches were the result of human error. Just one of those reported breaches affected 10 million or more patients.
These numbers show the widespread problem of data breaches for health care providers. For the individuals affected, having their personal information sold on the black market creates a mess than can affect them for years. For the providers, on top of having to deal with notifying the individuals affected, the potential disruption to clinical activity, and the loss of confidence in your business, you now have to reassess your entire security system.
Clearly, protecting your data is just as important as protecting your business from disasters like fire or theft.
Data in different places
For many healthcare practices, data is stored in numerous locations. The patient’s file may be in a filing cabinet, or in a computer file. If a patient uses multiple providers, they may have files spread across doctor’s offices and hospitals. Who can make sure that all of this is kept safe?
The My Health Record system endeavoured to collate a person’s health data. However, it has been breached multiple times, risking exposure of personal information. As a result, legislation was passed so that Australians can opt in or out of My Health Record at any time.
Keeping data safe seems to be an unobtainable goal. How can you be confident that you’re doing everything possible?
What you can do to secure your data
Preventative action is necessary to combat data breaches before they happen.
- Assess your existing privacy policy. Make sure it meets or exceeds the required standards and is available for anyone to find.
- Review processes around data security.
- Educate staff on procedures and the importance of data protection. Do it regularly so the information stays at top of mind. One employee error can expose the whole system.
- Develop a data breach management strategy so that you’re prepared to contain a breach and minimize harm. A rapid response, transparency and decisive action can go a long way to mitigating damage.
- Investing in Cyber Security Insurance is recommended. In the event of a breach, you can call on your insurance agent to help with security investigations, damage control and mitigation.
As data leaders, we are very passionate about data security. We urge everyone to ensure appropriate cybersecurity measures are in place and that staff are educated about their role in guarding against security risks.