AHA Solutions and Clearwater Compliance have released a new white paper examining the rapidly changing threat landscape in health care data security. Last year (for the first time ever), intentional attacks surpassed unintentional mistakes as the leading source of the compromise of Protected Health Information (PHI) security.

Criminal attacks against healthcare organizations have increased 125% since 2010. The recent data breach at health insurer Anthem exposed about twice as many patient records (80 million) as the total number reported under the HITECH Act from its inception in 2010 through 2014 (40 million).

This new white paper focuses on the five most critical issues in safeguarding PHI:

  • The constantly evolving threat environment
  • Insufficient resources to combat those threats
  • Ability to effectively measure information security risks and processes
  • Organizational apathy toward information security
  • Lack of availability of tools to prevent/eliminate threats

Lost laptops and other employee mistakes once were the leading causes of PHI compromise, but now the biggest threat is from outside intruders and malware. The white paper challenges health care organizations to respond accordingly in order to ensure that they, along with their business associates, are doing everything they can to safeguard the confidentiality, integrity and availability of PHI.

“Despite numerous headline-grabbing data breaches in health care, many organizations still don’t consider information security to be a top priority – and have not earmarked sufficient funds to mature their information risk management programs,” says Bob Chaput, CEO of Clearwater Compliance. “Yet the cost of preventing data breaches is just a small fraction of what it costs to remedy them.”

To download a free copy of the AHA Solutions/Clearwater Compliance white paper, click here 

Clearwater Compliance

Clearwater Compliance helps healthcare organizations ensure patient safety and improve the quality of care by safeguarding the confidentiality, integrity and availability of protected health information (PHI).

We have assisted more than 400 customers to operationalize and mature their information privacy, security, compliance and information risk management programs. And in the process, we are raising the bar for safeguarding PHI, protecting millions of Americans and driving real value for the organizations we support and the healthcare industry at large.