Information security is important in the health sector for several reasons. Health data breaches are costly, with the average cost of a data breach being over $3 million. Health data is very valuable in black markets, with complete health insurance credentials selling for 10-20 times more than credit card information. Hackers view the health sector as a prime target due to limited spending on cybersecurity, high demand for medical records, and the use of ransomware and BYOD policies. Some key challenges for health information security include having multiple stakeholders, different data types, high data sensitivity, and a lack of awareness, policies, and legislation around data protection.
Health information security 1 overview
1. Information Security in Health Sector
Dr. Lasantha Ranwala
MBBS, MD Health Informatics
Cert. in Ethical Hacking & Cyber Forensic
Senior Registrar in Health Informatics
6. Complete health insurance credentials can be sold for 10 to 20 times more than a U.S. credit card on underground markets - Dell SecureWorks.
The health sector is one of the main targets for hackers
8. Main Cyber Security Risks In Healthcare
Limited spending on cyber security
High demand for medical records in the black market
Ransomware
Bring Your Own Device (BYOD) policy
Employee negligence
9. Why is healthcare data so valuable?
Difficult to replace: Credit card information has a relatively short shelf life, with new cards but health organizations often have complete profiles of people including Social Security numbers and medical health information that is much more difficult / not possible to change.
Health data breaches are often not caught as quickly as financial fraud
Life-threatening conditions, e.g. if your records are contaminated by someone else's information, such as a different blood group
Irreversible: information about mental health or HIV treatments could be made public, and there is no way to make it private again
13. Challenges in Health Information Security
Multiple stakeholders: medical staff, paramedical staff, administrative staff, supportive services, third-party suppliers, IT service providers, health insurance providers
Multiple data types: plain text, images, audio, video
High sensitivity
Lack of awareness
Lack of policies (e.g. data storage location / storage capacity / data decomposition)
Lack of legislation