Executive Briefings

Failure to Keep Eye on Your Providers Brings Great Risk of Data Breach

Large corporations and government agencies are increasingly suffering data breaches stemming from lax security on the part of their service providers.

For instance, investigators are learning that the gigantic breach at the Office of Personnel Management this summer may have been the result of two previous hacks experienced by its subcontractors.

In the healthcare field, almost one in four organizations reporting data breaches are service providers.

According to the HIPAA Omnibus Final Rule, healthcare providers and their business associates are equally responsible for protecting health information, but covered entities (hospitals, health plans, providers, etc.) are still responsible for ensuring the notification of patients whose records have been compromised - and that can be costly.

There are some practical ways for organizations - not just those in healthcare - to improve data security efforts by service providers.

Read Full Article

For instance, investigators are learning that the gigantic breach at the Office of Personnel Management this summer may have been the result of two previous hacks experienced by its subcontractors.

In the healthcare field, almost one in four organizations reporting data breaches are service providers.

According to the HIPAA Omnibus Final Rule, healthcare providers and their business associates are equally responsible for protecting health information, but covered entities (hospitals, health plans, providers, etc.) are still responsible for ensuring the notification of patients whose records have been compromised - and that can be costly.

There are some practical ways for organizations - not just those in healthcare - to improve data security efforts by service providers.

Read Full Article