The most publicized data breaches tend to involve retail giants, but it’s usually an entity’s partner or vendor that gets compromised – that’s especially true in the healthcare industry. Partners are essentially extensions of the health plans they work with since they have access to their systems and member data. That’s why it’s crucial for plans to choose partners that have the best-in-class security controls.
The Health Information Trust Alliance (HITRUST) is the current gold standard in the industry, encompassing frameworks like Payment Card Industry (PCI) Data Security, National Institute of Standards and Technology (NIST) and – of course – the Health Insurance Portability and Accountability Act (HIPAA). To ensure the protection of client data, solutions providers such as Advantasure have taken steps to obtain certification. However, certification alone does not guarantee security. Policies, processes, standards and technology controls are needed to maintain security frameworks and protect member data.
1) Complex passwords/passphrases
Even strong passwords can be cracked – it just takes longer. Here’s the good news: hackers are lazy. They don’t want to wait an hour to break a password when there’s one out there they can crack in five minutes. Passwords are the first level of defense when protecting client data. They require upper and lowercase letters, numbers and special characters.
2) Two-factor Authentication
Passwords alone don’t provide the level of security required to adequately protect client data. In addition to a username and complex password/ passphrase, two-factor authentication requires employees to enter a randomly generated code that is sent to their mobile device, key fob or other security token.
Cybersecurity always seems like someone else’s problem, until it happens to you or someone you know. A lot of people try to use something like “summer2018,” and update it as the seasons change. It helps to ask employees how they would feel knowing a password like that was the only measure protecting their personal information and, ultimately, their identity. The truth is, you can never have enough security. The trick is making sure security measures don’t impede your organization’s ability to get work done.
Lost or stolen records containing personally identifiable information cost healthcare organizations an average of $408 each, according to a July 2018 study by IBM Security and the Ponemon Institute. Meanwhile, the average cost across all industries is $148 each.
In the spring of 2018, Tessellate integrated with a sister company to form a stronger, more competitive organization, with the ability to leverage complimentary products and services and deep industry expertise. Recently, the company unveiled its new brand, Advantasure, with the tagline: Fueling Accelerated Performance.
The new name and tagline accurately reflect the company’s unique suite of technology products and business process services that improve the performance of health plans and provider organizations in the delivery of government healthcare programs.