Stolen Patient Medical Records are a Massive Healthcare Security Risk. Here’s How to Prevent It.

Enterprise Software & Security

A hand picking up a fileA misplaced laptop in an unguarded hospital room. A crafty thief. Thousands of healthcare records sold to the highest bidder, and thousands of patients whose identities are now forfeit. A legal disaster, and a PR nightmare.

That scenario is much more common than you might think, but it’s far from the only way protected health information (PHI) might be compromised by criminals.  PHI is some of the most valuable data on the market for criminals. That means that if you aren’t taking the necessary precautions to protect your patients, their private details will eventually end up in the wrong hands.

And you’ll be the one who pays for it.

I’ll be the first to acknowledge that defending a hospital against leaks, hacks, and breaches isn’t easy. There are so many avenues through which patient data can be stolen or compromised, it’s tough to even know where to start. And these challenges are only further compounded by the fact that both doctors and patients are driven mostly by what’s convenient – and security usually isn’t.

That doesn’t mean it can’t be, though.

Securing medical record files is hard. Healthcare professionals share protected files all the time. Doctors forward data to their colleagues via email for a second opinion, nurses share files over mobile devices to better care for patients, hospitals share patient details with insurance companies, and patients correspond with care providers to discuss treatment.

At any time in this process, the data could be compromised:

  • A device containing patient data could be stolen.
  • Files could be inadvertently forwarded to an unauthorized third party.
  • Documents shared over an unencrypted/unsecured connection could be hijacked.
  • More traditionally, patient files stored on a server could be illegally downloaded by an attacker.

Heart rate monitor, patient and doctors in background in intensive care unitIn order to ensure the best patient care possible, healthcare professionals need to be able to collaborate, both with one another and with third parties. But they need to do so in a way that’s compliant with healthcare regulation. What they need is a secure enterprise file synchronization and sharing (EFSS) platform that’s both compliant and easy to use.

What they need is WatchDox, and its close cousin, WatchDox Email Protector.

A two-time visionary in Gartner’s EFSS Magic Quadrant and a leader in Forrester’s EFSS Wave Report, WatchDox allows protected files to be shared freely, without compromising file security. Flexible and intuitive, it centralizes control over a hospital’s most sensitive data squarely in the hands of its IT department. Email Protector, meanwhile, automatically extends WatchDox’s security to email attachments, and integrates with existing email Data Leak Prevention tools for even greater security.

WatchDox helps keep PHI safe with some of the following functionality:

  • File Tracking: WatchDox logs how, where, and by whom each file is accessed, and what’s done with those files. This makes auditing significantly simpler.
  • Granular Controls: For each file shared through WatchDox, dictate whether a user can access, view, copy, print, edit, download, or forward. These permissions can be extended or revoked at any time.
  • Set Individual or Group Permissions: WatchDox’s robust permissions make it easy to set up a viewing repository for patients– ie. you could create a user-group for medical staff with access to all files, then give each individual patient access exclusively to their information.
  • Customizable Watermarks & Spotlight Viewer: Deter intentional leaks by including user details on documents, and screen capturing by blurring the screen everywhere but the mouse cursor’s location

Working in an industry such as health services makes collaboration a challenging legal and security minefield. Doctors, nurses, and care providers frequently work with extremely privileged data, and one need only look at the numbers to see how valuable that data is to criminals. By making use of WatchDox alongside BlackBerry’s other security software, you can ensure it’s kept out of their hands, and safely in yours.

Attention Salesforce users: secure document collaboration has arrived with the new WatchDox app. Get it here. Or want to learn more about what WatchDox can do for you? Check out our webinar, WatchDox by BlackBerry: Industry Use Cases for EFSS or download the Forrester Wave report naming us a Leader in EFSS. You can also visit the official WatchDox page or view our WatchDox product demo for further information. Finally, visit ourWatchDox Email Protector Page to learn more about how you can step up your email security.

About Dan Auker

Director of Product Management, Enterprise Software - Dan is an industry veteran with 18+ years experience building and monetizing enterprise software and solutions.

Join the conversation

Show comments Hide comments
+ -
blog comments powered by Disqus