| Healthcare |
- How do you know if your employees are leaking Protected Health Information?
- What security do you have in place for malicious code and spyware that creates open backdoors?
|
 |
Internet access in healthcare industries is business-critical; it improves the efficiency and accuracy of information exchange, while lowering costs and providing a better patient experience. By their nature, however, healthcare industries regularly handle personal information, including medical records, patient social security and credit card numbers. Healthcare industries face the challenge of maintaining the security and privacy of information, while allowing productive internet access. |
| The Health Insurance Portability and Accountability Act (HIPAA) in the US and similar regulations around the world require healthcare providers to secure a patient’s Protected Health Information (PHI). Failure to prevent unauthorized leaks of confidential healthcare data can be costly to an institution in terms of fines, potential litigation and a damaged reputation. |
| |
|
| Hospitals spend millions of dollars on firewalls, intrusion detection, anti-virus and vulnerability applications, all trying to keep people out of their system. Often, the biggest threats come from within an organization. |
| – Barry Hieb, Gartner |
|
| The Biggest Threats Come From Within an Organization |
| It sounds counter-intuitive, but many of the threats that an organization faces are often created by employees that unknowingly leak information or download malware. Nearly half of malicious code is embedded on websites that employees access regularly (such as travel sites), and innocent employees are also often tricked into visiting such sites. This enables spyware and malware to install itself without explicit permission and create open backdoors, by which hackers access institutions’ private information and patient records. |
| Web Logs: Compliance and Risk Management |
In addition to data leakage protection, HIPAA requires institutions to keep “records of information system activity, such as audit logs”. This includes internet activity; institutions must retain information about the internet use of employees in a comprehensive and accessible form. Moreover, web logs are an important tool in business risk management. By providing visibility into inbound and outbound internet traffic, transaction logs detect and record anomalous incidents. They provide an understanding of how the activity occurred, allowing institutions to prevent future incidents. Without this visibility into internet activity, organizations often falsely assume that there have not been any security breaches.
|
By monitoring and controlling inbound and outbound Web traffic, Zscaler provides a comprehensive solution to secure your network from the latest malware, prevent data loss and provide HIPAA compliance to protect your institution’s reputation and maximize productivity.
|
| To learn more about how Zscaler can help healthcare organizations, please click here. |
| |
| |
