When it comes to securing a patient’s protected health information, mental health and addiction treatment providers have to take greater precaution due to the especially sensitive nature of the data that is handled. Illegal drug users are not protected under anti-discrimination laws meaning that a data breach puts their personal lives at risk of many negative impacts. Unfortunately, many mental health institutions lack the means to properly protect themselves and their patients from a breach and so they have become prime targets for hackers.
Sound Community Services Inc., a New London, Connecticut based non-profit for mental health and substance abuse disorders, recently discovered an email hack involving the PHI of patients. Most email related hacks are caused by phishing attacks, the use of weak or the same passwords across multiple accounts, or the sharing of user credentials. An investigation was launched immediately when suspicious activity was noticed on the email account containing the PHI of 1,278 patients.
Although there was no evidence that this information was misused or accessed by the unauthorized hacker, the sheer volume of patients whose data was potentially put at risk by something as commonplace as email is still concerning. It demonstrates that breaches can occur with some of the most commonly used tools and how taking preventative measures is better than waiting for a breach to happen to take action.
HIPAA violations or breaches are often caused by employee error or strategic cyberattacks. Email hacks or loss devices with access to patient protected health information can put patients at risk of exposure, identity theft, and a number of other life-altering threats. Organizations can increase the safety of patient information by making sure that this data is shared over exclusively secure and encrypted networks and that photos, videos or documents aren’t stored on personal devices. Consistent monitoring of software and hardware also helps to quickly identify threats or breaches to minimize their impact. Organizations must also implement employee trainings on the importance of maintaining secure communication to reduce human error.
With hackers developing more advanced methods, and a number of security threats on the rise, it is important that organizations take preventative measures. Lua offers solutions to an array of communication issues at a relatively low price compared to the potential fines resulting from a security breach or HIPAA violation. With our mobile and desktop applications, all messages and rich files shared within a network or through our patient facing messaging feature are encrypted at every state, keeping all communication secure and compliant.