Fortune 500 multi-line health insurer Centene Corp. was rocked by its late January discovery of six missing hard drives containing healthcare records of nearly one million individuals. The lost hard disks contained a wealth of sensitive information about the company’s customers including birthdates, Social Security numbers, full names, addresses and member ID numbers.
An Escalating Problem
Many saw this data breach as a sign of an ongoing issue in the healthcare industry, which is a significant target for cybercriminals looking to steal valuable data. A full healthcare profile can sell for as much as $500 on the black market, according to a recent NPR study, and the Identify Theft Resource Center (ITRC) announced that over 120 million individual records were compromised in 2015.
The comprehensive levels of data that healthcare organizations collect and record on individuals is another factor that puts these businesses at risk. A single provider may have full medical history, credit information, past residences and more on file — and this unification of data makes healthcare companies’ records significantly more valuable than most other kinds of businesses.
Unique Data Security Challenges
The healthcare industry has adapted and incorporated recent technological advancements, but far too much sensitive information remains stored on easily accessible physical media like hard drives and paper. Ideally, all organizations would encrypt their data, but many companies fear that encryption will limit ease of access, staff onboarding and adoption, and cross-organizational sharing. The good news in the story is that Centene’s security efforts detected and identified the breach quickly — as opposed to the industry average of nine months. This timely response allowed the affected individuals to freeze their credit and take damage prevention measures.
What Can Be Done
As cyber-attacks and hacking show no signs of slowing down, it is critical that organizations become proactive about protecting themselves. The entire management structure, from top to bottom, must invest in data-forward security efforts that include staff-wide training, strong password management policies, and designated personnel access to files and records. There is only one way to eliminate the possibility of a mass breach, and that is with the deployment of CertainSafe technology. CertainSafe can help mitigate if not remove these types of threats.
CertainSafe eliminates the possibility of mass breaches for health, finance, business and insurance organizations with advanced proprietary MicroEncryption and MicroTokenization technology that encrypts, disassembles and stores sensitive data—all while retaining ease and speed of authorized access. Visit our homepage today to learn more about our unique offering.