Mark Twain is often credited with the line:
“Everybody talks about the weather, but nobody does anything about it.”
This spring, everyone was talking. In fact, if April is famous for its plentiful showers, then 2019 was legendary. Across the country, a number of all-time rain and snowfall totals were shattered: Asheville, NC, for example, saw 9 inches; Watertown, South Dakota was hit with 25 inches of snow – in just three days.
But it wasn’t just the ground that got soaked in April:
A veritable storm of healthcare data breaches hit the industry hard; in fact, a recent report reveals that April had the most data breaches of PHI reported to date (46)!
Just when you thought it was safe to share a medical record! After all, 2018 had been averaging much lower numbers of healthcare data breaches per month (29.5), with only (23) breaches reported this past December. Since then, we’ve been in the low 30’s – at least until April arrived.
And according to the summary of 2019 data breaches thus far, reported by the Office of Civil Rights, this bad weather trend of high numbers seems to be continuing. May followed up April’s high with (44), and the two months combined have resulted in nearly 2 million persons having their Protected Health Information (PHI) exposed.
So, How’s Your Email?
So much for the statistics. Fortunately, this storm of data breaches is “weather” we can do something about.
For example, we know that around half of all the breaches in April involved PHI contained in email accounts. Email phishing scams, especially those targeted at Healthcare Providers (who also accounted for 34 of the breaches in May), were particularly effective at wreaking havoc. Which brings up an important question:
Are you prepared for the storm that comes with a breach of your sensitive data?
These damages can be catastrophic – not only in terms of potential fines and loss of business reputation but especially for those patients who’ve had their personal health information divulged.
So, how will you (and your staff) recognize and resist the deceptive lure of an email phishing scam? Prevent a possible breach of your network? Security awareness training for all is the key.
How HIPAA Vault Can Help
This is why HIPAA Vault – a longtime leader in low-cost, HIPAA compliant hosting and managed security – is expanding our services to include this vital cybersecurity training. HIPAA Academy (powered by Infosec) is now available to help you promote and instill these strategic security behaviors for your organization.
Through specialized computer-training modules that teach key cybersecurity insights and simulations (including phishing scams, recognizing malware and attachments. and more), HIPAA Academy is designed to bring your staff up to speed on these critical behaviors. And a well-trained staff is actually your best defense.
Securing your email and making it HIPAA compliant through end-to-end encryption is a foundational requirement for transmitting PHI. If you haven’t explored these services, you can do so here. This, along with a well-trained staff that recognizes possible attacks on your data, is vital to resist the coming storm.
HIPAA Vault is the leading provider of HIPAA compliant, managed cloud solutions, enabling healthcare providers to secure their sensitive, protected health information from data breaches and security vulnerabilities. For more information on HIPAA Managed Hosting and Cloud Solutions contact HIPAA Vault today!