1. What is Security Awareness Training?
The healthcare industry is arguably one of the most information-intensive. Personal health data is part of a critical pathway that impacts our everyday lives and health. The integrity and confidentiality of this data are paramount, not only for individual well-being but for continued innovation within the industry.
Being part of the big data revolution, at a time when the landscape of cybercrime has never been so threatening, has meant that the healthcare industry is a prime target for cyber attack. The FBI warned that the healthcare industry was neglectful in its attitude to cyber-security threats when compared to other industry sectors. This is borne out by evidence showing that the healthcare industry was the most frequently attacked industry. This is likely due to the unique position that the healthcare industry finds itself in: healthcare faces a gap between handling the massive amounts of data generated by the wider industry, and understanding and mitigating the threats posed by cybercrime.
The situation is also compounded by the speed at which technology is changing. New ways of generating sensitive information are entering the information arena. According to research by PwC, 86% of clinicians believe that mobile apps will be an important part of patient health management in the next few years. The entry of the Internet of Things into healthcare also adds a new layer of data protection not previously experienced.
With all of these variables coming into play, we need to take a pro-active stance and build a program of security awareness. Security awareness uses education and knowledge to tackle the specter of security threats in all its forms. It covers the whole gamut of security and builds up a knowledge base about security issues across your extended workforce, which they can call upon to help mitigate risks. Security awareness training brings everyone in the organization together under an umbrella of training. It ensures that the playing field of knowledge around cyber security threats is level. Security awareness is about:
- Creating a culture of pro-active security: understanding what is happening in the wider security landscape, such as the significance of phishing
- Creating a respect for individuals’ privacy
- Knowing what protected health information (PHI) actually is and why it needs to be protected
- Understanding that security is part of the whole organization and impacts everyone
- Knowing which security and privacy rules apply to healthcare and what impact they have
Done well, security awareness training can become as integral a part of your overall security strategy as the technology you use to prevent cyber attacks.