The what ifs: Navigating compliance, OCR enforcement, and the PHI risk threat landscape

What are the biggest risks to patient privacy and security that face healthcare organizations today? The largest threats resulting in the most damaging breaches revolve around these “what if” scenarios:

Self-Modification: Many breaches result from users modifying their own medical records. This “what if” scenario results in problems such as deleted charges, the self-prescribing of narcotics, and the alteration or removal of undesirable medical results. If self-modification were happening at your organization, would you know? And what would the implications be?

Patients-of-Interest: The health records of patients who are celebrities on a national or global scale are increasingly the targets of breaches. The illicit publication of the records of high-profile patients such as George Clooney, Farrah Fawcett, and Britney Spears has generated worldwide headlines for some very unfortunate healthcare organizations.

Compromised/Misused Credentials: Phishing attacks. Malware infections. Disgruntled employees. All are threats that can result in the compromise and misuse of users’ credentials. And increasingly, organized crime is targeting healthcare organizations to gain illicit access to employee credentials. (Did you know that some criminal organizations are even sending operatives through nursing school just to have insider resources for accessing user credentials?)

Complicating the issue is the fact that many healthcare organizations can’t even identify all their users during audits. Or they can’t audit for a specific user across all applications.

