It’s a normal day, John strolls into his clinic clutching a steaming cup of coffee, as the beams of sunlight reflect from the tall glass windows that surround the reception area. Everything is as usual, a typical day in the life of a healthcare worker. John enters the front door and, as the morning reflections fade, his eyes refocus to behold terror on the faces of the receptionists and nurses scrambling about. “There’s been a breach, John. It was caused by YOU!” Despite the passing of HIPAA Law in 1996 and subsequent updates to protect patient’s privacy and security we are seeing more infringements than ever. Living in 2019 we have seen some truly dumbfounding scandals from hospitals, insurers and small local clinics alike.
The days of only the big financial institutions being targeted are long gone; anyone and everyone who holds patient records is a target. Nowadays, it’s not the disgruntled high school students compromising systems for fun, boredom or, as in “Ferris Buller’s Day Off,” to change attendance records. Modern attacks are performed by sophisticated networks of cyber criminals using complex hacking tools.Despite the plethora of attack vectors, below are 3 common faults that enable attackers and lead to patient’s data being lost or stolen.