The Department of Health and Human Services recently issued its largest HIPAA enforcement action to date, entering settlements totaling $4.8M with two New York healthcare organizations tied to the same security breach which occurred in 2010.
Despite making significant investments to meet HITECH and HIPAA requirements, security breaches, data loss, and unplanned outages cost U.S. hospitals millions annually. The time has come for U.S. hospitals to shift from managing information security by static, point-in-time compliance to managing data and information security on a continuous basis, using state-of-the-art Automated Continuous Monitoring solutions.
Automated Continuous Monitoring will provide new opportunities for Healthcare IT executives to obtain real-time, relevant and accurate information on the state of their IT network vulnerabilities and the threats to those networks, inclusive of external, targeted, persistent, zero-day attacks. Having access to this real-time security information will empower Healthcare IT officials to better protect their IT networks and ePHI from cyber-security threats, through more effective and timely risk management decisions, and of course eliminate penalties and reduce the cost of security breaches.