The biggest healthcare cybersecurity challenge in 2018 was… (drumroll, please)
Email.
We’re not surprised.
According to HealthITSecurity.com, the majority of healthcare providers struggle to keep up with hackers due to tight budgets and a lack of resources and staff. Unfortunately, while healthcare organizations scramble to protect medical devices, PHI, and communications with insurance companies and pharmacies, hackers are increasing in sophistication. David Finn, Executive Vice President of Strategic Innovation of CynergisTek, agrees. “Email is far and away the number one threat across all industries, but especially in healthcare,” Finn said.
A total of 4.4 million patient records were compromised in 117 health data breaches in the third quarter of 2018, according to the latest Protenus Breach Barometer. More than half of those breaches were due to hacking, while 23 percent were the result of insider incidents. With email, healthcare organizations face the uncertainty of human errors, cyber hacking, and server crashes that put patient data at risk.
Additionally, an email message will typically pass through multiple servers before it reaches the final point of delivery. This indirect transmission method leaves protected health information and other unstructured data vulnerable to imminent threats. Verizon’s 2018 Breach Investigations report found that 92 percent of malware is delivered by email.
By leveraging the security of fax technology with the scalability of the cloud, etherFAX exchanges PHI among the healthcare ecosystem faster and more securely than any other service. Hospitals, medical groups, insurance companies and billing operators can trust etherFAX to transmit unstructured data securely with HIPAA compliance and PCI DSS compliance.
To guarantee data is secure at each endpoint of transmission, etherFAX SENx utilizes well-defined, end-to-end encryption methods such as those defined in the Elliptic Curve Integrated Encryption Scheme (ECIES). As the name implies, ECIES is a hybrid encryption “scheme” that defines methods to secure and transfer information between two endpoints. These methods start with the use of Elliptic Curve Cryptography to generate a shared secret between peers to seed the encryption process with unique keying material while further protecting the information using signing and authentication mechanisms to assure the validity of the data in transit.
With etherFAX SENx, information is encrypted from the moment it leaves the sending device or application until it is accepted and validated by the receiving party. Even if a third-party attempted to eavesdrop on the network communication, the information itself would be indecipherable.
Interested in learning how you can protect communications within your healthcare organization? Let’s chat!