Insider Threats

June 20, 2016

While ransomware and cyber attacks are increasing, there is also another aspect of privacy and security that healthcare organizations should be aware of: insider threats. Whether malicious or accidental, breaches caused by insiders are associated with the amount of access employees have to sensitive data and a lack of proactive monitoring.

Statistics relating to insider threats include:

  • 57% of covered entities and 59% of business associates experienced a data breach with internal root causes.
  • OCR has issued settlements stemming from insider breaches, including a monetary settlement of $1.7 million.
  • While training can be the key to reducing the threats posed by insiders, only 31% of respondents rate the effectiveness of their security training and awareness activities as “very good” or “excellent”, and 43% of organizations only offer one basic security training course for all employees.

Previous Article
OCR Plans to Expand Compliance Reviews of Small Healthcare Breaches
OCR Plans to Expand Compliance Reviews of Small Healthcare Breaches

The Office for Civil Rights (OCR) of the Department of Health and Human Services has announced a new initia...

Next Article
Handling Multiple Requests From OCR Audit Program
Handling Multiple Requests From OCR Audit Program

Last week OCR reported that it had faced challenges in identifying and selecting a diverse pool of organiza...