Black Book Market Research in 2019 revealed that over 93% of healthcare organizations have experienced a data breach since Q3 2016.
Have you Experienced a Data Breach?
There are several key areas to consider for your digital strategy within the healthcare sector, in the second article of our series we highlight the risk to your data and how cloud-based services can help you to mitigate the risks for data breaches.
The security of data has always been of paramount importance but now with the record level of fines being dealt can your business afford to take the risk? The most notable case in recent times was British Airways record fine of £183 million after a breach of personal and payment data of up to 500,000 customers.
Within the Healthcare sector a US company was fined $3.5 million for failing to prevent unauthorised access to facilities and equipment, failing to encrypt health data, not governing the removal of electronic media holding health data, and having a lack of security incident procedures.
Cloud technology can be used to support the most sensitive workloads, but you need to be vigilant choosing a provider. It’s critical that security is the foundation for which their services are built, they must have a security first perspective.
How Secure Are the Data Centres?
There are more elements to consider than just the data centre buildings’ security and disaster recovery capabilities. The infrastructure will consist of hardware, software, networking, and facilities that are all required to run the providers services.
Protecting these services should be the number one priority of any provider, whilst you can visit the data centre, unless you really know what to look out for, they can pretty much look the same.
On that basis we recommend that you ask to see independent reports from several third-party auditors who will have verified compliance with a variety of computer security standards and regulations.
Taking on a Managed Services Provider (MSP) is a great way to free your staff from mundane or repetitive tasks. It will provide them the time to upskill and focus on key healthcare initiatives to drive you forward.
However, a key consideration should be the security of the MSP’s service offering. They should be completing basic tasks such as operating system and database patching. These tasks should be automated where possible and conducted regularly. They should also ensure firewall configuration and disaster recovery policies and documentation are all in place.