Statistically, your employees are the biggest threat.
Most security breaches are not caused by cyberattacks or unencrypted devices. Most breaches are the result of internal employees.
We can help your practice stay on top of the latest breach prevention methods. Subscribe to stay current and up to date on important matters that will impact your practice. (To subscribe to our blog click here).
Employee negligence is the leading cause of security lapses. In fact, employee negligence accounts for 37% of the these healthcare provider security issues.
Other causes of security breaches include:
- Theft of devices (22%);
- Employee theft (16%);
- Malware (14%); and
- Phishing scams (11%).
These statistics show that employees are a fundamental part of your breach readiness plan, as they account for 53% of security incidents.
So how can you prevent breaches caused by employee negligence and theft?
It is essential to have adequate security policies and procedures in place. Your policies and procedures should be thorough, and include adequate sanctions for employee negligence and theft.
Next, it is important to educate your employees. Training employees on your policies, procedures and breach readiness can help to reinforce the importance of security and the consequences for failure to comply.
It is important that your employees know how important security is to your practice. The tone must be set from the beginning. Make sure your senior staff is in compliance and sets good examples for newer employees.
Finally, it is essential to put security measures in place with detection capabilities. Know when your employees are accessing records and make sure to include all devices in your Risk Assessment Inventory.
Adequate training and enforcement of policies can help your practice avoid a breach at the hands of an employee.
In our next blog post, we will keep you informed of related issues. To get this important information delivered directly to your mail box, click here to Subscribe.
Do you need help with putting your required HIPAA policies and procedures into place or with training your employees? We can help. To contact us about your practice’s HIPAA Risk Assessment, employee training, or your other legal needs: CLICK HERE.
P.S. If you or your patients are interested in consumer healthcare issues, check out myhealthspin.com.