by Jasmine Chennikara-Varghese

The health care industry has been aggressively using their resources to implement and leverage enabling technologies for health management. As the healthcare sector technology evolves, it is encompassing clinics and doctor’s offices, Internet-based consulting with remote healthcare providers and connected medical devices spanning multi-cloud IaaS and SaaS environments.  The proliferation of healthcare endpoints and health IT systems means a larger cyber attack surface for malicious actors to exploit.

Due to the sensitive nature of personal health information, data breaches of such records can mean exposure of social security numbers, credit cards and medical insurance. LabCorp recently disclosed that it may have experienced a data breach in mid-July 2018 that put health records of millions of patients at risk. In response to the potential incident, LabCorp shut down all IT systems, severely impacting patients, doctors and vendors for several days. In late 2017, a cyber attack on Medicaid in Florida exposed sensitive information for 30,000 patients. The data breach was a result of an employee falling prey to a malicious “phishing” email. In this case, the attackers may have accessed Social Security numbers, patient names, addresses, medical information, birth dates, and other information.

The Verizon 2018 Protected Health Information Data Breach Report highlights that the healthcare industry’s biggest threat was from people inside companies, not external attackers. The drivers for insider threats were financial gain, such as tax fraud or opening lines of credit with stolen information (48%), fun or curiosity in looking up the personal records of celebrities or family members (31%), or simply convenience (10 percent).

Some measures can be taken to secure and restrict the access of healthcare professionals to sensitive data but without complete access to health records, most cannot perform their jobs in a timely manner.  The high level of access of a typical healthcare system user makes them a point of vulnerability and an attractive target for attackers. To better protect health data, user activities on personal health information (PHI) should be monitored. With Greenlight Application Security Monitoring, personal health data is continuously monitored for complete visibility into user actions. Greenlight detects suspicious activities and anomalies, alerting on indicators of potential malicious events such as activity on health data at unusual hours or from an unexpected IP address.

Learn how Greenlight Application Security Monitoring can help you detect the inside threat actors and compromised users, who intentionally or inadvertently, put your health data at risk.