Why Zero Trust is The Answer to Securing Healthcare Data


            It’s high time the healthcare industry started taking data security more seriously.

            by Narendran Vaideeswaran, Product Marketing Manager, ColorTokens Inc




            Like  many  other  major  industries,  the  healthcare  industry  too  is  under  constant  attack  from
            cybercriminals.  Healthcare  organizations  have  a  huge  repository  of  patient  data  like  name,  phone
            number, email address, and medical history. Apart from personal information, they also store payment
            details which hackers can misuse for monetary gains.

            Recent  attacks  on  healthcare  organizations  have  shown  that  cybercriminals  are  using  sophisticated
            techniques  to  hack  into  secure  networks  and  exfiltrate  data.  While  cyberattacks  are  one  part  of  the
            problem, the healthcare industry also suffers from a huge percentage of internal threats.

            These threats could be employees with malicious intent or unintentional actions by employees which
            directly compromise an attribute of a security asset. If the healthcare industry wants to protect itself, both
            these threats must be prevented without compromise.




            State of Security in The Healthcare Industry

            Due to sensitive nature of the data that is at stake, the healthcare industry in the US must comply with
            HIPAA (Health Insurance Portability and Accountability Act of 1996). The legislation recommends a set
            of guidelines which ensure that healthcare organizations implement physical, network, as well as process
            security.  However,  it  is  becoming  increasingly  evident  that  limiting  cyber  security  to  just  HIPAA
            compliance is not enough anymore.











                                 129