IFSEC Insider is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
There were 105 security breaches of UK hospitals and other NHS organisations in the financial year 2014-2015 – 81% more than the previous period.
There were also 21 breaches at private health companies, more than double the year before.
Even more worryingly, 41% of all data breaches brought to the attention of the Information Commissioner’s Office in the first quarter of 2016 were from the medical sector.
It appears that robust data protection and online security policies are more important than ever to protect the tens of millions of medical records on file.
So how can healthcare data be secured? Here are a few top tips on how to secure data in the healthcare industry:
Whether breaches are made with malicious intent or caused by accidental error, improved training and raised awareness can help reduce the likelihood of such circumstances occurring.
Although it may seem secure, the average email is surprisingly easy to intercept, therefore a secure messaging system with end-to-end encryption is essential when transferring sensitive information such as medical records.
Don’t forget storage either! An investment in secure messaging services would be a waste if the information could easily be accessed at its resting end point. Data should be encrypted, partitioned and protected wherever it is stored, so even if a hacker does get in, they won’t get their hands on all of the files and won’t be able to read them.
Limit access to information
You’ve probably heard the saying ‘what you don’t know, won’t hurt you’. Well, limiting access works in a similar way – keeping medical or other sensitive data on a need-to-know basis reduces the risk of a security breach.
Adding multiple, password-protected levels of security within a system and providing only certain job roles or senior staff with authority to access this information will limit the resources available to cybercriminals… and disgruntled staff.
Monitor outbound communications
Monitoring communications can be a controversial subject when it comes to staff and patient privacy, however the use of monitoring software should be used alongside a secure data transfer system to prevent the wrong kind of information getting out.
Should this information get out, an advanced system like Maytech’s will alert you and these messages can be accessed, edited, moved or deleted in minimal time to diminish the time this information is exposed.
Secure large file transfers
Sending a large number of files can be tricky; you can’t use an average email messaging service as these have size limits. So how can large data transfers be done safely and securely? Compliant, cloud-based FTP infrastructures could be the answer. With no file size limits and fast transfer anywhere in the world with full activity logs, this is a tailored solution that many businesses are adopting.
There are dozens of ways the healthcare industry can secure its data and ensure there are no breaches; the above are just a few. One thing is for sure, with recent cases that have seen patient networks and NHS trusts fined hundreds of thousands of pounds for data security breaches, things can always be improved.
Listen to the IFSEC Insider podcast!
Each month, the IFSEC Insider (formerly IFSEC Global) Security in Focus podcast brings you conversations with leading figures in the physical security industry. Covering everything from risk management principles and building a security culture, to the key trends ahead in tech and initiatives on diversity and inclusivity, the podcast keeps security professionals up to date with the latest hot topics in the sector.
Available online, and on Spotify, Apple Podcasts and Google Podcasts, tune in for an easy way to remain up to date on the issues affecting your role.
How to secure data in the healthcare industryThere were 105 security breaches of UK hospitals and other NHS organisations in the financial year 2014-2015 - 81% more than the previous period.
John Lynch
IFSEC Insider | Security and Fire News and Resources
Related Topics
New app launched to enhance mandatory fire safety training in the NHS
Protecting health workers is a complex challenge, but emerging strategies show promise
Six companies charged with fire safety offences for blaze which destroyed Cheshire retirement village