
Billing_JanFeb15

Cybersecurity for Sensitive Data: A New Framework for Protection

By Harry Stephens

18 HBMA BILLING • JANUARY.FEBRUARY.2015

Recent large-scale data breaches at high-profile retailers have focused a lot of attention on the topic of data security. The question of how to keep sensitive data safe is one that every industry faces, but nowhere is it more important than in the healthcare industry, which by its very nature collects, stores, and shares a massive amount of confidential personal data.

Early this year, the National Institute of Standards and Technology (NIST) issued its “Framework for Improving Critical Infrastructure Cybersecurity.” The Framework outlines best practices for enterprises of all types that work with and hold their clients’ personal data. Because NIST’s recommendations are high level and general in nature, they are applicable to every enterprise that works with very sensitive customer information.

However, it is wise to bear in mind that computer hackers probably are not your greatest risk. Vulnerabilities that exist within your own operations frequently lead to accidental privacy violations that can be equally damaging. For example, these vulnerabilities can include people taking work home with them via laptops or portable USB devices that might also house customer data or proprietary information about your systems and operations. Furthermore, mistakes such as accidentally diverting monthly statements to the wrong address can expose sensitive information. As a result of these and other possibilities, it is important to determine how well your organization identifies and tackles all the risks involved in data loss.

The Framework provides a detailed method for reviewing your organization's practices and establishing a proactive system for cybersecurity. It prioritizes the relevant issues and considerations, and classifies them into what it calls “tiers.” The following are what the Framework considers the five core elements of data security:

• IDENTIFYING THE RISKS. In the broadest sense, this means understanding the context of your healthcare organization,

