Data Security Tops list for the American Medical Association (AMA)
2016 is an important year for Cybersecurity in health care sector. As hospitals and health organizations improve their cybersecurity tactics to meet ever-important HIPAA legal requirements, bad actors continue to develop more intricate methods compromise health organizations. In addition, the organizations themselves need to consider data loss and increased exposure due to their own procedures and policies of data handling as was the case with UI Arnett Hospital in November 2015 with the exposure of 30,000 medical records simply due to “losing” a portable hard drive. The issues move further down to consumer devices with a recent hack of FitBit data from their wearables.
2015 was clearly a big year for information security breaches in several industries as well as the US and local governments. But for health care organizations the damage can be devastating. New innovations in malware and a growing list ransomware infections posing as decryption tools require these organizations to develop stronger defenses that they had throughout 2015.
The American Medical Association (AMA) understands and recognizes this risk so highly, that they listed Cybersecurity among their top priorities for 2016 along with medical reform and prescription drug pricing. As stated on their list:
Threats to health data security have been increasing over the past two years. A study found that 81 percent of health IT executives reported cyberattacks in that time span. Such endangerment of health data is expected to increase this year. With such private information so vulnerable to attack, appropriate protections for sharing and data storage must be a focal point for health IT. The AMA is working with the federal government to ensure better protections for health information.
Based on what we are hearing from our clients as them plan staff positions for 2016, it should prove to be the biggest year yet for growth of cybersecurity initiatives on the part of hospitals and health care providers. Budgets, staff and advanced security measures are being put in place. Companies need to be are of these developments, developing strategies, and updating considerations regarding vendors and their business partners on a regular basis. For 2016 privacy and security issues must occupy the attention of health care senior management not solely because of compliance obligations but because of the direct and substantial impact on businesses.