6 Ways to Combat Internal Threats to Data Security

by Mary A. Chaput | Aug 31, 2015   ()

More than 9 out of 10 health-care data breaches affecting 500 or more individuals published on the U.S. Department of Health & Human Services website were caused by organizations’ own employees, not hackers. Virtually every complaint of privacy violations investigated by the Office for Civil Rights (OCR), a division of the HHS, and resulting in corrective actions involved unintentional or malicious violations by employees.

While organizations fret over the next cyber attack, more than 50% health-care breaches are due to lost or stolen laptops, backup tapes, and mobile devices containingunencrypted data. Then there are the everyday human errors that happen at companies in every industry, like a worker leaving the door to the server room unlocked and putting passwords on a sticky note under the keyboard.

Even the majority of health data breaches that are categorized as “IT Incidents/Hackers” are the result of employees clicking on phishing messages or succumbing to social engineering.



News Archive