Yet another health care organization announced it has been the victim of a data breach. Indiana's Beacon Health System revealed recently that it had suffered a phishing attack that allowed cybercriminals to access employee emails, some of which contained sensitive patient information.
While investigating the breach, officials with Beacon Health discovered that various email boxes had been accessed by an outside party at some point between November 2013 and January 2015. More than 220,000 patients were affected by the hack, but officials with the health system said that there has so far been no evidence that any personal health data was misused as of yet.
According to a statement released by Beacon, the majority of the information compromised in the attack related only to patient names, doctors' names, internal patient ID numbers and patient status. However, other information available through the hacked emails included Social Security numbers, driver's license numbers, birth dates, treatment information and diagnoses.
Health care organizations are especially vulnerable to phishing attacks.Improving health care communication security
"Health care ranked the lowest when it comes to email security."
While these kinds of attacks can – and do – happen to anyone, health care organizations are especially vulnerable due to the type and volume of information they collect and store on a daily basis. Email seems to be a particularly difficult channel for hospitals and doctor's offices to secure. So difficult, in fact, that a recent report by security firm Agari found that organizations in the health care industry are ranked the lowest when it comes to email security.
One way to improve the security of email systems is to eliminate them altogether. Health care organizations can receive a much higher level of protection by utilizing online faxing instead of email to send and receive highly sensitive medical information. Fax-over-IP reduces a variety of security risks, including cyberattacks and data loss. Fax-over-IP providers like FaxCore employ highly sophisticated back-end encryption technology to protect faxes sent with the service. When a document is sent with FoIP, the content within is stored on a secure server and encrypted. The fax’s specified recipient is the only one with the key capable of decrypting the message, ensuring security and privacy, and preventing phishing attacks from compromising data.
Enhance enterprise communication, collaboration and compliance efforts with a proven FoIP solution from FaxCore. Contact FaxCore today to learn more about their 'Partly-Cloudy' fax solutions.
