Home / Blog / Healthcare Data Breaches Are Most Often a Result of Employee Negligence

Healthcare Data Breaches Are Most Often a Result of Employee Negligence

Data breach incidents in the healthcare industry are most often tied to employee negligence and insider activity. Physical theft of devices is another significant portion of data breach incidents in this industry.

Insider access falls into two categories and can include both unintentional errors like employee negligence and intentional criminal conduct by staff. Any organization, including those in the healthcare industry can be exposed to disgruntled current or former employees who purposely sell private information to cyber criminals. Lapses in proper implementation of a security plan or gaps in policies and procedures can result in errors by staff members. In the healthcare industry, this often leads to improper disposal and improper storage of patient files. This is a soft spot for cyber criminals when they target organizations and industries. Cyber criminals look for the weaknesses in organizations and exploit those weaknesses.

The constant challenge in implementing processes in a security plan is finding the right balance between optimum security and usability, convenience and efficiency.  It goes without saying – education and training of all members in an organization about policies and processes are vital and could help eliminate these factors in cybersecurity.

They key here is that employee negligence is something that can be eliminated through vigilance in excellent education and training of all employees.

Read articles on the subject:
http://healthitsecurity.com/news/employee-negligence-top-health-data-breach-issue-report-says

http://healthitsecurity.com/news/health-data-breaches-due-to-employee-mishandling-in-ok-ct

http://www.csoonline.com/article/2871215/data-breach/healthcare-breaches-need-a-cure-for-human-errors.html