American Association for Physician Leadership

Quality and Risk

Combat Internal Tech Breaches That Plague Health Care

Andy Smith

July 24, 2018


Summary:

What can physician leaders do to combat self-inflected cyber security threats in their healthcare organizations?





It’s the enemy within. More than half of all cyberthreats are self-inflicted, but there are areas physician leaders can target to slow the trend.

Of the 2,216 reported international cybersecurity incidents last year, nearly a quarter (536) were directed at health care organizations.1 Each health care organization spends an average of $12.47 million in cybercrime expenses annually.2

What compounds the problem is that so many health care cyberthreats (56 percent) are self-inflicted — double the global average.1

Here are some areas physician leaders can target:

ACCURACY: 62 percent of health care’s security-related human error stems from email and faxes being sent to incorrect parties. Ensure transmissions are encrypted, then provide training for your staff.

RELATED: Cybersecurity: Are Physician Leaders Ready for Worst-Case Scenario?

ACCESS: Some employees will abuse access to systems and data. Monitor all access to internal health information, supported by training and enforced by corrective action.

DESKS: The office is the most frequent location (36 percent) for theft of assets such as laptops, mobile devices and documents. Encryption helps. So does locking your workspace.

AUTOS: Employee vehicles are the second-most frequent location (32 percent) for theft of those same assets. Don’t leave them in a vehicle.

RELATED: Three Takeaways for Physician Leaders Implementing Health IT Initiatives

SHREDDING: Establish — or follow through with — institutional protocols for physical destruction of all sensitive documents.

Andy Smith is a senior editor with the American Association for Physician Leadership.

REFERENCES

  1. Verizon, 2018 Data Breach Investigations Report .

  2. Accenture and Ponemon Institute, 2017 Cost of Cyber Crime Study .

Andy Smith

Andy Smith is senior editor of the Physician Leadership Journal.

Interested in sharing leadership insights? Contribute



For over 45 years.

The American Association for Physician Leadership has helped physicians develop their leadership skills through education, career development, thought leadership and community building.

The American Association for Physician Leadership (AAPL) changed its name from the American College of Physician Executives (ACPE) in 2014. We may have changed our name, but we are the same organization that has been serving physician leaders since 1975.

CONTACT US

Mail Processing Address
PO Box 96503 I BMB 97493
Washington, DC 20090-6503

Payment Remittance Address
PO Box 745725
Atlanta, GA 30374-5725
(800) 562-8088
(813) 287-8993 Fax
customerservice@physicianleaders.org

CONNECT WITH US

LOOKING TO ENGAGE YOUR STAFF?

AAPL providers leadership development programs designed to retain valuable team members and improve patient outcomes.

American Association for Physician Leadership®

formerly known as the American College of Physician Executives (ACPE)