Securing the management of your sensitive health data

Records management and storage were once just about managing records and tracking boxes; however, digitisation has increased and with it the real threat of security breaches.

IBM’s 2016 Cyber Security Intelligence Index highlighted that there has been a shift in online targets of record theft, essentially away from credit cards and toward health-related data. Health records are a key target for identity theft, and a fully populated medical record is a more lucrative grab than credit card data. Credit card data, on average sells for as little as $1 whereas according to Rich Ferguson, country manager for Absolute Software in ANZ, medical records can be sold for as much as A$1,000.

Glen Gooding, an executive from IBM’s Security Services (ANZ) highlighted why health-focused organisations can be an easier target than financial sector businesses, many of which have implemented more robust information protection systems. “In the local medical clinic, there’s usually not a large IT component, and there’s a lack of skills. They are an easy target,” said Gooding.

According to Keith Lowry, senior vice-president of Nuix, a global provider of security services, headquartered in Sydney, “organisations needed to take a higher-level view and define threats, define critical value data, designate a senior official, conduct a capabilities assessment, and then develop, publish and prosecute policies and procedures”, he said.

Lowry said companies needed to appoint a single person responsible for security who reported directly to the CEO or COO. “This cannot be relegated to the IT department. The moment you put responsibility onto IT, it becomes an IT problem rather than a person problem.”

In the 2016 Cost of Data Breach Study: Australia by the Ponemon Institute, it was found that the average total cost of a data breach is $2.64 million while the average cost per lost or stolen record is $142.
By collecting the sensitive information of customers, every business needs a trusted security partner that can guarantee their data will maintain its confidentiality.
Compu-Stor provides the highest level of assurance by employing the world’s leading technologies and systems for data storage and security. Outsourced data security, provided by Compu-Stor in our state-of-the-art facilities, is the leading systematic method of ensuring that your consumer’s information stays exactly where it is intended – under your secure control.