The healthcare industry is quickly growing as a sweet spot for hackers to steal large amounts of patient records for profit. The US Department of Health and Human Services breach tool reports over 340 data breaches in 2017 impacting more than 3 million individuals, and 176.5 million individuals impacted since the federal tally commenced in 2009. While there was no large breach last year, such as the Anthem Blue Cross 78.8 million records breach, the number of breaches continues to increase. Hospitals are known to be a soft target making it easy for hackers to gather large amounts of patient data in a single hacking effort.
As cyberattacks and Internet threats continue to rise with the use of web-based healthcare portals and remote patient mobile technology, managing security and compliance across a distributed healthcare organization becomes a daunting task. A typical healthcare patient record includes name, address, social security number, birthdate and health history. With such a wide amount of personal data, a bad actor can open credit accounts or apply for medical care. While a person’s financial identity can be fully restored, healthcare data breaches have a much more personal and longer-lasting impact on victims.
In the end, the attacker’s ability to monetize is predicated upon either disrupting operations or stealing data. A data and application security solution provides the tools to protect your site and specifically to protect the privacy of patient records. These solutions protect the healthcare site from hackers who attempt to breach or disrupt the site and also provide protection to safeguard patient data.
Safeguard Patient Data
HIPAA and PCI regulations require that you protect patient health and financial data from unauthorized access and breaches. Even if an unauthorized individual gains access to the patient data, these Imperva Data Security solutions help you safeguard your sensitive data at the source across a broad range of data stores.
- Discover sensitive data – To ensure that all sensitive data is protected, Imperva SecureSphere automates data discovery. It will scan the network to identify database services and servers and identify database instances that contain sensitive data.
Databases are scanned for vulnerabilities and misconfiguration, and vulnerabilities prioritized with remediation identified.
- Monitor data usage activity – Imperva monitors and audits all data access activity, including privileged users and applications. Continuous monitoring detects and alerts you to unauthorized access, gives you details to take action, and allows you to instantly block access. SecureSphere also documents all incident findings and provides detailed reports for any audit purpose.
- Identify risky users –Imperva CounterBreach employs machine learning to automatically uncover unusual data activity. It profiles both user and data activity to establish a baseline. Activity that deviates from that baseline can then be identified before threats become breaches.
The most risky users and assets are identified so that the most serious incidents are prioritized. You can then filter by priority and focus resources on those incidents.
- Mask sensitive data – Sensitive data should not be exposed to those without a need to know. To reduce the risk of data breach and comply with data protection and privacy regulations, such as HIPAA and GDPR, Imperva Camouflage Data Masking provides a variety of techniques to mask data in non-production environments. First it automatically identifies and classifies sensitive data in your database. You can then use one of the pre-defined masking techniques or create custom data transformers to replace that sensitive data, with realistic fictional value, maintaining data utility without exposing sensitive information such as electronic health records (EHR) or electronic medical records (EMR).
Web Application Security
Imperva Web Application Firewall (WAF), named by Gartner as a leading WAF for four consecutive years, analyzes all user access to your web application and protects patient portals and health information exchanges (HIE) from cyberattacks. It protects against all web application attacks including OWASP top 10 threats and blocks malicious bots. It controls which visitors can access your application with traffic filtering based on a variety of factors.
DDoS protection automatically detects and mitigates attacks targeting websites and web applications. Imperva Incapsula is the only service to offer an SLA-backed guarantee to detect and block attacks in under 10 seconds. Our new Behemoth 2 platform blocked a 650 Gbps (Gigabit per second) DDoS flood with more than 150 Mpps (million packets per second), with capacity to spare. Besides handling large volumetric attacks, DDoS Protection specializes in mitigating complex application layer attacks.
In addition to securing patient data these tools enable compliance with industry data protection and privacy regulations, such as HIPAA and PCI. Compliance can be a challenge for the healthcare organizations that must comply with the requirements that are spread over a number of regulations and mandates.
Imperva solutions provide continuous automated compliance with site and data protection and advanced audit and reporting tools. Please refer to the Healthcare Cyber Security Compliance Guide to find out more about how Imperva can provide compliance with regulations for requirements of database, file and web application security.