The recent Anthem breach is potentially the largest data breach to date in the healthcare space. When your CEO or your largest clients ask you what your plan is to prevent the same from happening to you, what are you going to tell them? Safeguarding Personally Identifiable Information (PII) is essential for avoiding a data breach. Here are three things you should do immediately to avoid a data breach:
Implement Advanced Penetration Testing
An advanced external penetration test is a strategic way to identify weaknesses in network and application security the way a hacker would. Because new vulnerabilities keep emerging, regular penetration tests are important for maintaining a secure network and for finding the gaps in your security before someone else does.
Perform a Formal Risk Assessment
How will you know if you’re doing enough until you systematically identify the appropriate risks? An organized, written risk assessment will identify what you need to be doing and what you don’t need to be doing. The old adage is true: first make the plan, then work the plan.
Assess All Regulatory Requirements for HIPAA
Perform a gap analysis against the HIPAA standards to see where you need to remediate to strengthen your information security. Take the appropriate steps within your organization to make sure a data breach doesn’t happen to you. Need further help in preventing a data breach at your organization? Email me at firstname.lastname@example.org.
Sarah Morris is the Managing Editor at KirkpatrickPrice, a valued partner of AIS Network. She is certified in General Information Security Fundamentals (GIAC GISF) and specializes in keeping organizations up to date on information security and regulatory compliance by being a thought leader and developing valuable content that revolves around industry trends and best practices.