NIST Privacy Framework : Our Essential Data Protection Guide


Another Casualty of Prevalent PHI Breaches

Valley Hope Association’s mission is to help people overcome their dependence on alcohol and drugs. At their 16 addiction treatment centers, therapists and staff focus on helping people remove the triggers that drive their addictions in a safe and secure environment. But like so many non-profits, Valley Hope’s good intentions for protecting their patients weren’t enough to prevent hackers from exploiting their IT security weakness.

Last week, 70,000 Valley Hope clients found that their Protected Health Information (PHI) — including names, addresses, medication information, Social Security numbers, financial information and more — were compromised due to a phishing attack which granted unauthorized access to an employee’s email account.

This kind of breach isn’t new or uncommon. In 2018 alone, the U.S. Department of Health and Human Services’ Office for Civil Rights received notifications of 351 data breaches of 500 or more healthcare records. Those breaches resulted in the exposure of 13,020,821 healthcare records. Though the number of breaches was down compared to 2017 (359), the number of exposed healthcare records was up by almost 8 million (5,138,179 in 2017).

According to a recent study 75% of healthcare representatives surveyed said that the automated discovery of sensitive information would assist them in securing data. And 70% reported that the classification of sensitive data would help in securing PHI.

Remove the Risk

Spirion helps healthcare organizations rapidly discover, accurately classify and automatically remediate and manage sensitive data stored on their networks and in the cloud — every file and email in all organizational units, endpoints, and users. Industry-leading AnyFind technology performs in-depth searches of unstructured and structured PHI data where it’s stored, allowing organizations to stop leaks at their source. Once PHI data has been discovered, it can be encrypted, shredded, redacted or quarantined to a secure location.

Breaches don’t have to happen. With the right solution, you can stop them before they do.

Visit Spirion to learn more!