The threat that can cause the most damage to a healthcare practice is the insider. This is an employee or other party that has a trust relationship with the practice and therefore enjoys access to sensitive and valuable data about patients and the practice business. This kind of threat is the most dangerous because these persons already have access and can cause damage using the authority you gave them. They frequently damage the practice without detection because their activity falls within the guidelines associated with doing their job and looks like normal work.
Verizon’s respected “2018 Data Breach Investigations Report” states that 43 percent of data breaches reported by healthcare entities in 2018 originated externally, while 56 percent of incidents were attributed to insiders. So more than half of the breaches came from insiders, yet you rarely see a healthcare organization devoting anywhere near half of its cybersecurity budget or other resources to this insidious threat.
Most organizations face two types of insider threat, which can be categorized as accidental and intentional.
Accidental insider damage is unintentional in nature and is caused by a mistake, by being tricked by a malicious party, by operating outside of practice operational guidelines, or perhaps by negligence. Large amounts of damage can occur from the unintentional threat, but it is not the result of malicious intent.
Intentional damage, on the other hand, consists of activities knowingly conducted for the purpose of personal gain or inflicting harm on your practice. This could be a front desk check-in person who wants to make money selling your PHI on the dark web, or a disgruntled nurse who was fired and launches a “scorched earth” attack on your production server.
Whether intentional or unintentional, insider threats can damage the healthcare practice irreparably.