Health care IT security remains lackluster
July 2, 2014

In the past several months, the retail sector has been one of the most highly targeted and poorest performing industries in terms of cybersecurity, with countless breaches leading to the exposure of hundreds of millions of individuals' personal information. Because of the breaches that have taken place at eBay, Target and Neiman Marcus, among others, it is not surprising that many would believe the retail sector to be the worst in terms of access management performance. 

However, studies indicate that health care organizations are actually the most behind in the progression of security and access deployments, which is even more concerning considering the increased sensitivity that comes along with patient data. Whereas the bank and personal information that is often involved in a retail breach can only be used for purely financial types of fraud, medical records can lead to far more dangerous occurrences. 

Medical identity theft puts an individual's financial stability at risk while simultaneously tarnishing their patient histories, which could lead to complications at the point of care considering the fact that physicians and health practitioners will be relying upon accurate records to provide the right support. As such, health care organizations will need to quickly progress in their security performances, which can often be accomplished through advanced authentication tools. 

How bad is it?
InformationWeek recently reported that BitSight Technology, a security rating firm, conducted a study to evaluate the successes and failures of cybersecurity practices in several different industries. According to the news provider, the analysts found that health care has seen both the quickest increase of attack volumes and frequency in the past few years, as well as the poorest response to breach in the game. 

Notably, the source pointed out that there are health care organizations that have been at the top of the cybersecurity game for years, working progressively to ensure the integrity of systems and data. However, the BitSight Technology report found that the sector at large is the most susceptible to devastating, widespread breaches of personal information, putting the health records of hundreds of millions of individuals at risk of exposure. 

Still, the analysts stated that some of the more recent breaches have seemed to wake decision-makers up to the increased importance of strong security performances and proactive privacy issue mitigate.

"I don't know of a major breach of healthcare records, but stay tuned," Stephen Moyer, Chief Technology Officer of the firm, told InformationWeek. "I know that certainly there's worry about privacy. I see more transparency going into the process and I think that's going to put the right incentives in place. The Target breach was just a watershed moment in the industry. It's changing conversations everywhere we go."

One of the important takeaways form the report was that it took health care providers an average of five days to patch vulnerabilities upon identification, which was the longest among surveyed industries. 

Network and data security made easy
In the health care arena, the two main components of healthy security and productivity involve networks and data storage environments, both of which can be protected through the use of authentication. Network authentication solutions can help mitigate one of the growing threats that is facing major industries today, distributed denial of service attacks, while the tools can also be used for data access management and oversight. 

Data breaches continue to become more expensive, and are especially financially straining for health care providers given the fines, sanctions and reputation loss that come with a lack of compliant practices. As such, investing in the technologies that are most effective in protecting systems and data is not optional, but rather critical for long term stability and continuity.