How to Prevent Employee-Caused Data Breaches

Posted by Brian Lee in Public relations |

INTRODUCTION

cyber securitySecurity breaches in the healthcare industry are on pace for more than one per day, according to a recent report. What’s telling is that 9.2 percent of the breaches occurred through accidental email/internet exposure and 8.7 percent due to employee errors, an IT security company discovered.

It’s one thing to be targeted by hackers, but hospitals wanting to prevent healthcare data breaches need to eliminate ones caused by staff.

Here’s how you can protect patient health information:

EDUCATE AND TEST HOSPITAL STAFF

Your hospital’s PR and IT departments must focus internal communications efforts on education and situational training, respectively.

For the PR team, regular communications–be it newsletters, Intranet blog posts, presentations, quizzes and/or handouts–are important to engage staff and build a mindset in which security is at the forefront. You also need to make sure staff members achieve informed consent about safeguard processes (e.g. login authentication) that can be time-consuming or annoying, according to the Commonwealth Fund.

For the IT team, cybersecurity company Redspin says to test staff with phishing emails and phone calls. Supplement the training with posters, wikis and other items the staff can reference quickly.

With education and training, your hospital hopefully can avoid breaches such as the email scam that affected the nursing home chain American Senior Communities in Indiana.

MEASURE YOUR INTERNAL COMMUNICATIONS EFFORTS

You want to make sure your education and training efforts are working. Per our tips on internal communications measurement, you’ll need to start by measuring outputs. For example, are staff members viewing, sharing or engaging with your content? If not, you’ll need to revise your tactics.

Next, you’ll need to measure your outcomes. For example, is your IT department seeing that employees are clicking on fewer and fewer phishing emails? Are quiz scores meeting a certain threshold? If not, you’ll need to figure out why and then alter your messages accordingly.

Ultimately, you’ll know you’re succeeding if you don’t have any breaches occur from the inside.

FOR MORE INFORMATION

Revelation PR, Advertising & Social Media offers healthcare providers services related to media relations, crisis communications, internal communications, media buying, content marketing and social media management. Please contact Brian Lee, brian [at] experiencerevelation.com or 608-622-7767.

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Copyright © 2011-2017 Revelation PR, Advertising & Social Media Blog All rights reserved.