By Diane Evans
Of course it’s a given that healthcare leaders should protect patient confidentiality as a matter of trust. Equally true: They should also protect information in their role as good financial stewards.
In terms of the cost of a data breach, attention often focuses on the potential for exorbitant government fines. Yet relatively few organizations actually face multi-million-dollar federal penalties.
Real costs stack up in other ways. IBM’s annual “Cost of a Data Breach” report, conducted by the Ponemon Institute, consistently points to the expense of simply working through the impact of a data breach.
In our field work, we’ve seen the types of costs that become necessary, such as:
High-priced cyber experts to search the dark web to discover the causes and scope of a breach;
Lawyers specialized in cybercrime;
Crisis communications firms;
Consultants specializing in breach notification procedures;
Consultants specialized in document preparation.
To avoid all this to the extent possible, prevention is worth every bit of the cost. But to be effective, prevention needs to be managed from the top, just as every other important function is managed within an organization. For data security, this entails:
The assignment of duties to qualified individuals;
Baseline standards for IT protocols;
Tracking and accountability for maintaining data security;
Meaningful training programs, based on job roles;
Breach response plans, ready to go at any moment.
All this may sound like a lot to do. But it’s good business, because these are the steps within your power to prevent a financially devastating data breach.
For extra help: Download our complimentary 14-Point Risk Assessment Survey available from the top of our homepage at www.guardededge.com.