New Year's Resolution: Stop Breaches
Breach Tally Numbers, Survey Results Highlight Need for ActionToo often, New Year's Resolutions quickly fade from memory. But this year, I'm hoping healthcare information security professionals will resolve to lead a stepped-up breach prevention effort - and then carry through on the pledge.
As I reported this week, the federal "wall of shame" tally of major health information breaches now lists 380 incidents affecting more than 18 million individuals (see: Breach Tally: 18 Million and Counting. And the list keeps growing and growing.
No one wants to see their organization's name on the breach list. But unfortunately, our new Healthcare Information Security Today survey shows there's still much breach prevention work to be done. For example, 43 percent of organizations grade their ability to counter external and internal information security threats as poor, failing or in need of improvement. And only half have a plan in place to comply with the HIPAA breach notification rule
.So, it's no surprise that the survey shows improving regulatory compliance is the top priority for the year ahead (see: 2012 Security Priorities: An Analysis). Plus, the top security technology investment priorities all contribute to breach prevention (see: Top 5 Security Technology Investments).
Breach prevention costs money, and money is tight. But breaches are costly as well, and they can shatter an organization's reputation, not to mention cause individuals a great deal of harm.
As 2012 dawns, it's a good time to redouble efforts to prevent breaches by advocating the right technology investments and carrying out a well-thought-out information risk management strategy. We pledge to help by continuing to offer timely breach prevention tips from experts in the field at HealthcareInfoSecurity and a new sister site, DataBreachToday, which covers breach resolution issues across all industry sectors.
Best wishes for success in the new year.