How to Protect Against a Healthcare Data Breach

Oct 2012

Posted by Zaid Rasid

In this final installment of our series on healthcare data breaches, we'll take a look at some practical measures you can take to ensure you're protected. The previous posts were meant to demonstrate the realistic consequences of unprotected data for healthcare practitioners, which include a tarnished brand image, heavy fines and patient distrust.

In case you're looking for the previous posts about healthcare data breaches, you can find them here:

  1. Understanding the Costs of a Healthcare Data Breach
  2. Medical Breaches Plague the Healthcare Industry
  3. What would you do if your healthcare clinic suffered a data breach?

In a blog post on Becker's Hospital Review, author Kathleen Roney writes an excellent article called 7 Ways to Minimize Data Breach Costs. The post covers most of what you need to know about protecting yourself from a data breach but neglects to mention the importance of backup. I will summarize some of the technical points made in the article and speak specifically to backup and recovery.

Ensure the following:

Encrypted Data: ensure software or hardware encryption is in place on all of your data. That way, if a laptop is stolen or goes missing, the data will be inaccessible to the culprits and your liabilities will be reduced.

Manage Network Ports: establish network port protocols to monitor which data moves onto or off a device. Where USB drives are in use, it might be a good idea to put policies in place that prevent the use of such drives or at least ensure that USB drives are encrypted.

Update your software/hardware: have IT ensure that the software and hardware on your network are up to date and that all security patches are in place. This will make your software less susceptible to current data threats.

Backup and Recover your data: ensure you have a thorough backup and recovery solution in place. Having the data encrypted (256-bit) at rest and in flight ensures that only those permitted to access the data can do so. Ensure that you are using an agentless backup solution. This means that all of the devices connected to your network can be backed up and recovered from a single source. This is less maintenance for you and is generally considered a safer approach. And if one of your hardware devices goes missing, such as a laptop or mobile device, an agentless infrastructure ensures that you still have a copy of the data stored in a backup. In this way, you will know exactly which data has been compromised and can notify affected individuals. Also, look for a solution that complies with HIPAA and all other state and federal requirements. To learn more, visit Asigra's Cloud Backup for Healthcare solutions page.

There are only a few steps you need to take to ensure your data is protected and, in turn, that your organization is protected from breaches. By following the plan above you can avoid the serious consequences of a healthcare data breach. At Asigra, we can help you ensure your data is backed up and easily recoverable. Not to mention, Asigra adheres to stringent healthcare requirements. Contact us and we'll put you in touch with an Asigra cloud backup service provider who can work with you to design a cloud backup strategy that's right for you.
