Ex-hospital Employee Wrongfully Exposed 9k Patient Records – Experts Insight

BACKGROUND:

Newark, N.J.-based University Hospital has notified thousands of patients that their protected health information was exposed by a former employee. An interesting aspect of this breach is that it was information of  “certain patients treated in the emergency department at UH following motor vehicle accidents between 2016 and 2017.” 

Subscribe
Notify of
guest
2 Expert Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Sascha Fahrbach
Sascha Fahrbach , Security Evangelist
InfoSec Expert
October 19, 2021 1:24 pm

<p>Insider threats remain a significant risk for organizations, and healthcare, in particular, is highly vulnerable due to all the valuable PII that cybercriminals are after. With the pivot to remote work and cloud migration, that task has become even more of a challenge. We have to remember that insiders aren\’t only limited to employees. This term can also encompass contractors, suppliers, as well as former employees.</p>
<p>Thankfully, there is a lot of guidance available to aid organizations in preparing themselves as best they can to mitigate this risk. For any organization to stand a chance, first, an audit should take place. It\’s vital to know what a typical \’normal\’ situation looks like. Only then can proper security policy guide the rest of the way.  With the NIST cybersecurity framework, a thorough roadmap is given to the industry, which can help with a comprehensive plan covering vital elements: identify, protect, detect, respond and recover.</p>
<p>Unfortunately, no one can ever guarantee complete security. There is still the human factor at the core, and this can play out in various ways. Ultimately, it is a holistic approach to security that encompasses secure access, significantly reducing risk. When organizations incorporate zero-trust into their departments, a positive step is taken to combat insider threats.</p>

Last edited 1 year ago by Sascha Fahrbach
Trevor Morgan
Trevor Morgan , Product Manager
InfoSec Expert
October 19, 2021 1:18 pm

<p>The data breach incident that University Hospital disclosed about a former employee who viewed and shared highly sensitive patient information accentuates the threat posed by the “inside job.” We often focus on threat actors working on the outside of our perimeters trying to get into the enterprise environment and thereby compromise data, but people on the inside have a leg up because usually they have some access to the internal network environment and IT resources. Also, employees are usually granted a certain level of trust with enterprise data, even if they don’t have access and rights to all information within the organization. Working from the inside with an implied level of trust means that the inside job has more time to develop and execute an effective exfiltration strategy.</p>
<p>The answer to counter this threat is to recognize how vulnerable businesses are from the inside and to adopt security stances like Zero Trust, which denies implicit trust to users, devices, and other entities regardless of their location within the network. Reduce or better yet eliminate implicit trust, challenge data requests more frequently and aggressively, and provide bare-minimum privileges if an expressed need for data or resources can actually be validated. Don’t trust, but still verify.</p>

Last edited 1 year ago by Trevor Morgan
2
0
Would love your thoughts, please comment.x
()
x