Netwrix outlines top tips to protect sensitive patient data

Published: 29-Jan-2015

Efficiency report lays out advice to ensure integrity of patient information


Despite increasingly stringent industry regulations, many healthcare organisations are still failing to ensure the integrity of sensitive information.


This is reflected in the latest Netwrix SIEM Efficiency Survey Report, which named healthcare as one of the top six industries vulnerable to security violations.

One of the problems is that the regulations that establish IT security requirements for healthcare providers are often diverse and confusing.

To address the issue, Netwrix has outlined three major steps that help to meet compliance requirements and ensure security of the IT infrastructure:

  1. Establish effective security policies: Adopt a comprehensive internal policy that will apply to all aspects of critical data security. Define the roles and responsibilities of everyone dealing with sensitive information and limit access to people who need it to perform their duties. Develop a detailed workflow that describes the process of security maintenance, as well as the actions that should be taken if a security incident occurs. Regularly revise these documents to keep them up to date with current legislation and technical and business objectives.
  2. Make sure employees maintain security: Distribute security policies among all employees, whether they have access to sensitive data or not, and point out their responsibility to follow the instructions. Organise end-user security training and regularly test their knowledge. Another way to make employees control their actions is to publish anonymised audit reports demonstrating that their activity is being watched.
  3. Audit your IT infrastructure: Knowing who did what, when, and where will help track malicious user activity, e.g. unauthorised access or modifications made to sensitive data or system configuration, as early as possible. Regular reporting on changes made across the entire IT infrastructure will help ensure the security policies in place are actually working and help pass both internal and external audits.

Michael Fimin, chief executive and co-founder of Netwrix, said: “Information technologies continue to improve and expand, providing countless opportunities to enhance healthcare services and communication between patients and healthcare providers.

“This, in turn, makes maintaining privacy and security of sensitive information one of the biggest challenges for IT departments. With numerous data breaches occurring, it is crucial for healthcare providers to have complete visibility across the entire IT infrastructure, instantly detecting malicious activity or unauthorised access to sensitive data.”
