A Customer Valentine’s Gift
It seems that almost every time you watch the news, there’s more coverage about a data breach or corporate noncompliance involving information system security. These issues span the globe, from the recent Target information system breach involving an estimated 110 million individuals to a major security breach at Sutton Hospital (Sutton Guardian UK) on October 10, 2013.
An entire filing cabinet containing confidential and sensitive patient records simply disappeared from the hospital even though it was kept behind locked doors.
This particular incident was one of 243 hospital security breaches that took place during 2012-13. To make matters worse, there’s no information about the location of Sutton patients involved in this breach. For those patients whose personally identifiable information was lost, it may be the start of years in which they need to be hyper-vigilant about safeguarding their identities.
The HIPAA Privacy Rule
You’re probably aware of why your physician asks you to read and sign the HIPAA Privacy Rule documentation every year. If you’re not familiar with your patient rights, it’s important that you take the time to read this information.
The enforcement of the HIPAA Privacy Rule comes under the domain of a U.S. Civil Rights office charged with enforcement to protect the privacy of our citizens. Learn more about the HIPAA Security Rule, which covers the protection of electronic health information, and the HIPAA Breach Notification Rule in the event you are ever involved in a breach.
The Repercussions of an Information System Security Breach
In addition to affecting your business reputation, the average cost of a data breach is estimated at $5.4 million. The stakes are high, so it’s wise to put the following policies in place:
- Train or hire personnel who are qualified to review your information system security at least annually.
- Complete employee background checks during the hiring process.
- Check security for all third-party vendors.
- Set up employee training sessions and quarterly reviews.
- Develop security policies and procedures with an All Shred Policy.
- Old computers present a security risk even if the hard drives are wiped or degaussed. Consider speaking with a professional shredding company like Sergeant Shredder that has experience in shredding x-rays, hard drives and other electronic media.
Sadly, 2013 was one of the worst years ever for information system security breaches. The FBI has just issued a warning to expect even more breaches in 2014.
How will you protect your business? And how does regular shredding play into your security efforts?