Healthcare Data Access Regulation: How Organizations are Encouraging Employee Error

Healthcare Data Access Regulation How Organizations are Encouraging Employee Error

Over the last few months, organizations have witnessed a whirlwind of new cyber attacks and breaches. Healthcare providers have long blamed most breaches on employee error and negligence, with various studies and reports revealing that the majority of healthcare breaches are a result of internal actors. And while this may be partially true, the fact remains that many organizations contribute to the problem themselves. Not through a lack of training or resources, but through a lack of proper data access regulation.

The 2019 Global Data Risk Report from Varonis shows that 53 percent of companies exposed 1,000 sensitive files to all employees, with this number expected to increase over the coming years. This means that sensitive data from both employees and patients is constantly left exposed for any employee to access. This occurs as a result of either improper data storage, incorrect permission settings or out-of-date permission settings.

Moreover, the report shows that organizations are also falling short when it comes to monitoring data. Over half of most company data consists of out-of-date information, inactive user accounts and non-expiring passwords. The time it takes to audit this ocean of data makes its virtually impossible for data oversight employees to review files and fix access issues.

While one cannot deny the detrimental effect of employee error on healthcare security, it is clear that organizations are not cutting the problem at the knees. If organizations learn to manage data well and limit access to those who need it, the chances of negligence will decrease considerably.

Both national and international regulations such as HIPAA and the GDPR require that providers keep sensitive data safe. This not only includes having strong cyber security precautions in place, but also regulating and controlling access to data as well. Moreover, cleaning out stale data makes data storage cheaper, security tighter and minimizes the chances of sensitive data being stolen.

Client Success

MetroHealth System Logo
  • 50% reduction in time to deploy Giva's change, incident, problem, asset management and knowledgebase modules
  • 60% reduction in the 5 year Total Cost of Ownership (TCO)
  • Saved at least 1 FTE due to lower ongoing administration
  • Saved 1 week per month due to easy to use reports
Athens Regional Health System Logo
  • Increased to 90% achievement in meeting service level agreements
  • 70% reduction in generating reports and admin; eliminated 35 hours/month
  • 50% faster to create/assign a service request
  • 60% increase in information captured during the initial phone call
  • 50% increase in the number of service requests created due to intuitive design
Santé Health Systems Logo
  • 80% increase in productivity by using Giva's dashboards and reports
  • 60% increase in meeting service level agreements
  • 50% increase in productivity by using Giva's integrated custom forms
  • 45% increase in the number of the calls logged due to Giva's intuitiveness and ease of use