Companies belonging to different industries, rely heavily on technology when it comes to managing their growing databases. However, due to the knowledge, skills, and persistence of unauthorized individuals or activities done by internal employees, unwanted circumstances occur, such as the incident of a security breach.
With the recent case encountered by the second largest health care company, Anthem Inc., where their IT system that contains personal information of over 80 million Americans was hacked, leads us to a conclusion that medical institutions aren’t exempted from security breaches as well.
It was only on January 29, 2015 did Anthem Inc. learned about the “sophisticated” attacks on their IT system, but considered that all these happened as early as December 2014—or even earlier. The health firm added that they weren’t well-equipped for such event and that the hackers were indeed pros on the particular field.
Furthermore, technology isn’t really the main concern for Anthem Inc. upon realizing that the hackers exploited particularly the employees with high-level IT access to give them access to the databases.
Through the “phishing” method, they sent out deceptive emails to the employees to get their personal information (network ID and password) or even manipulated them into inadvertently downloading software codes, which serve as their long-term access.
Improved Security System
Given this incident, hospitals should then devise courses of action and implement policies on how they can improve their overall security system that don’t only focus on their technology, but with their employees too.
While glitches on the network can be resolved, human errors are an entirely different case and are difficult to be repaired—if possible.
With the amount of data that medical providers have that usually contain confidential information such as the patient’s name, birthday, address, Social Security number, employment details, and financial specifics, the occurrence of a security breach then increases the risks of the patient not as a patient, rather as an individual.
While this is only a brief breakdown on what happened to Anthem Inc., bear in mind that dealing with security breaches should be accomplished together with professionals, as they know how to restore properly losses, restart and isolate your network, file necessary lawsuits, and continue with your operation, among others.