PREVENTING A DATA BREACH IS CRUCIAL WITH TODAY'S CYBER ACCESSIBILITY
April 30, 2018, Edmond, OK - The accessibility to Wi-Fi in today’s electronic age is both convenient and a recipe for disaster. By simply connecting to public Wi-Fi, you could be putting you and your entire company at risk of a major data breach. IBM’s 2017 Cost of Data Breach Study calculates that United States organizations lose an average of $225 per record that has been compromised. Andrew Robertson discussed the need for a shift in the corporate culture surrounding privacy and security of protected health information (PHI) at the Rimkus Oklahoma Crash and Learn Seminar in Oklahoma City on April 27, 2018.
Robertson, partner at Parker Straus, LLP, gave his presentation titled, “HIPAA Ethics in the Age of the Internet” after attendees witnessed a live crash demo where data from cameras and injury causation were explained. Data from cases such as car accidents often make it through the hands of multiple insurance adjustors, law enforcement professionals and attorneys. With more than 12 years of experience in handling sensitive information, Robertson shared the following ways individuals and businesses can improve security of protected health information.
- Lock all doors and designate a security officer in the workplace.
- Encrypt or password protect every document, email or flash-drive within information technology systems.
- Password protect all electronic devices such as cell phones, tablets and laptops and never connect to public Wi-Fi while using them.
- Lock away all papers containing protected health information in briefcases or filing cabinets. Never leave unattended on desks.
- Dispose of documents in a manner that renders them unreadable. If using a shredder, make sure the shredder prevents the documents from being reconstructed.
With fines up to $50,000 per violation of the Health Insurance Portability and Accountability Act (HIPAA) requirements, implementing these security measures should be prioritized by businesses. Robertson said each state has different breach penalties and procedures; however, all require notification of the breach to be made to the affected individuals as soon as possible.
“The dark web of the internet is where it is difficult to increase security of protected health information,” Robertson said. Data such as social security number, date of birth and health insurance policy numbers can be purchased on the dark web and used by fraudsters to make false applicants for insurance policies.
No matter the technique used to steal data, the individuals handling the information will be held responsible. Law firms, insurance carriers and private investigation firms maintain high volumes of protected health information across a variety of platforms. Robertson said this makes it easier to mishandle documents, but implementing the tactics mentioned above can decrease the risk of your business experiencing the repercussions of a data breach.
If you have additional questions about the laws surrounding protected health information or are interested in presentation opportunities on this topic, please consult the experienced legal counsel of Parker Straus, LLP at (888) 557-3311.