Healthcare data insecurity: Lack of access controls or tech advances?

When it comes to protecting personal health information, legacy processes are just as vulnerable as legacy operating systems, hardware and software. In other words, the lack of proper access controls for technological advancements in healthcare, leaves private data susceptible to attack.

“Just because our EHR [Electronic Health Record] forces a username and password, doesn’t mean you’re compliant,” said Mac McMillan, chair of the HIMSS Privacy & Security Policy Task Force at the 2016 HIMSS Annual Conference & Exhibition.

At last count, the Anthem breach is estimated to cost $31 billion — a pricey lesson on healthcare security best practices and, specifically, how to control access to sensitive data in organizations. Anthem authorities believe the lack of proper access controls allowed hackers who had gained authorized credentials to breach Anthem’s patient information. The vulnerability was not in the operating system, hardware or software, but in the process of managing proper access controls

Until healthcare as an industry improves both its legacy technology and adoption of security practices — including data access control — cybercriminals will continue to view healthcare data as a vulnerable target.

To continue reading this article…

Start your monthly or annual subscription to HIT Leaders & News today!

A monthly Standard subscription to all our regular news articles costs only $12.00 per month, or $144.00 for an annual Standard subscription.

Already a subscriber? Log in


cyberattacks, cybersecurity, data security, Forrester security assessment, Insight Public Sector, National Institute of Standards and Technology Security Framework


Please follow and ‘Like’ us


©2021 HIT Leaders and News, a GO Digital Media publication. All rights reserved.