What happened to your data in 2021
We haven’t heard much about HIPAA in the past few years while the healthcare industry and regulators grappled with managing and responding to the COVID crisis. But that distraction has proven to be an ideal opportunity for hackers. In healthcare, Protenus released a new study, the 2022 Protenus Breach Barometer®, where they report a record number of breaches in 2021. According to Protenus, a record 50,406,838 records were compromised. Given we are a country of roughly 300 million people, this is a considerable number of records. Should we be surprised this number keeps growing every year, despite increased effort and dollars by the healthcare industry to stop it?
Let’s take it a step higher. The current crisis between Russia and Ukraine has many cyber experts concerned that the intent of cyberattacks emanating from that region may be more interested in business disruption and destruction, than record theft and ransomware. We’ve seen these attacks in the past – think MAERSK shipping – where their entire technology infrastructure needed to be replaced and rebuilt from scratch after cyberattackers infiltrated and destroyed hundreds of servers and workstations.
One of the greatest problems with most companies is their belief they’re protected. They have faith in their competent IT personnel, have invested in additional layers of security, and are subsequently under the belief they’ve insulated themselves from attack. The simple question they aren’t asking themselves is if they can prove it. That is, after all, the essence of security.
We have the answer. Every organization should be completing regular risk assessments where they document what’s in place, how it’s configured, and any potential security vulnerabilities. Part of our assessment process includes cyber testing of different levels of intensity. Our Level One cybersecurity testing is included as part of our HIPAA compliance program. We also offer Level Two and Three services for those who are interested in deeper evaluations.
Additionally, Acentec offers phishing email testing for companies of all sizes, and it’s value-priced like all of our services. Give us a call for more details and to get started today.
You need to go from believing you are secure to being able to prove you are secure. Go beyond HIPAA compliance with Acentec.