Case Study: Cyber-maturity in Healthcare

HISA is Australia’s Cyber security Community of Practice with their role being to inform and engage Healthcare providers on the latest findings regarding data threats across the sector.

From results at the end of 2018 there are some frightening findings regarding the way Healthcare services have remedied the perceived the threat of a data breach. With the Healthcare industry being the biggest holders of private and sensitive patient records and with the rise in advanced methods of online data breaching, data corruption and unwanted access to information is only going to increase.

Key Findings:

1. Identification:Only 33% of organisations said they did a cyber security risk assessment at least annually.
2. Staff Awareness:A large portion of clinical and other staff were surveyed and believed they had no responsibility for cyber security
3. Detection: Only 43% of Healthcare providers maintained a central register, with 35% being completely unaware of no tracking procedures being in place.
4. Responsiveness:In the event of a cyber security incident 46 % of staff surveyed were uncertain on how to react.

Source: HISA: Final report of a national survey, June 2018

At Secure USB, we take these findings very seriously and for over 30 years have been applying ideal strategies for secure data transfer and disaster recovery. We have constructed 4 useful tips in response to clinical staff struggling to come to terms with Data protection methods and the implications of mis-information.

Secure USB’s 4 Tips:

Tip 1: Educate employees on Phishing attempts:

Linking with cyber security experts and studying the different terms when it comes to malicious online parties. The terms can be confusing. For instance, Whaling and spear Phishing can mean entirely different things to the untrained ear.  Simply put, Phishers act as if they are within the company and use very credible emails to lure victims into sensitive document sharing.

Tip 2: Formally establish a coherent company-wide policy:

A best understood policy is one that is non-technical and as brief as possible. Every employee should be able to adapt the policy easily and know how data is transferred between themselves. A stern approach to privacy policies related to personal devices should be administered along with strong password protection management.

Tip 3: Awareness of FIPS regulation for data transfer: 

With employees always on the moves and with remote business meetings, the importance of having your sensitive back-up on a secure USB with FIPS approved encryption is important. For Further information on what FIPS means for your business head to SecureUSB.

Tip 4: Secure Storage:

More often than not, breaches are a result of poor storage. Secure USB fills the void with unique and advanced AES 256-Bit Hardware-based encryption. FIPS and AES Encryption are what stands between you and a potential data breach, so check out the exciting product range of USB’s, Hard-drives and Laptop Accessories that are on offer at SecureUSB.

The Future

It is not all doom and gloom with an investment in technology and bio metrics in recent times rapidly  changing the face of data protection in the healthcare sector with several cyber-experts optimistic about what this may mean for patient protection.