The What Ifs: Navigating Compliance, OCR Enforcement, and the PHI Risk Threat Landscape

Current privacy and security threat scenarios experienced by fellow customers, how to mobilize a best practices response to each, and how to prepare in the event you encounter a PHI breach or are audited by OCR

What are the biggest risks to patient privacy and security that face healthcare organizations today? The largest threats resulting in the most damaging breaches revolve around these “what if” scenarios:

  • Self-Modification: Many breaches result from users modifying their personal medical records. This “what if” scenario results in problems such as deleted charges, the self-prescribing of narcotics, and the altering/removal of undesirable medical results. If self-modification was happening at your organization, would you know? And what would the implications be?

  • Patients-of-Interest: Increasingly, the health records of patients that are celebrities on a national or global scale are often the targets of breaches. The illicit publication of the records of high-profile patients such as George Clooney, Farrah Fawcett, and Britney Spears has generated world-wide headlines for some very unfortunate healthcare organizations.

    And while many organizations utilize VIP-monitoring, that’s not enough; patients that just happen to be well-known locally are often the focus of patient data breaches. (Example: One healthcare organization’s patient was a police officer whose name had been in the local news. Imprivata FairWarning’s Patient-of-Interest Report revealed that the officer’s records had been accessed by 1,800 individuals!)

  • Compromised/Misused Credentials: Phishing attacks. Malware infections. Disgruntled employees. All are threats that can result in the compromise and misuse of users’ credentials. And increasingly, organized crime is targeting healthcare organizations for gaining illicit access to employee credentials. (Did you know that some criminal organizations are even sending operatives through nursing school just to have insider resources for accessing user credentials?)

    Complicating the issue is the fact that many healthcare organizations can’t even identify all their users during audits. Or they can’t audit for a specific user across all applications.

Every healthcare organization is susceptible to encountering one—or all—of these “what if” scenarios. And just one incident with a single “what if” scenario can be devastating.

During this webinar, four of Imprivata FairWarning’s leading experts in patient privacy security team-up to detail these “what if” threats, and offer action plans for countering these threats. The team also illustrates how Imprivata FairWarning Patient Privacy Intelligence can be used to expose and eliminate these threats, and provides step-by-step instructions for using Imprivata FairWarning in defending against these threats.

Each of the above “what if” scenarios threatens every healthcare organization on the planet—and causes sleepless nights for more than a few security officers. This webinar provides a great starting point for assuring that a runaway “what if” scenario doesn’t happen at your healthcare organization.