Data Security: Why it Matters in Regulated Industries
Data security in regulated industries is especially important in order to comply with stringent security protocols and regulatory requirements.
3 September 2014
We all know that data security involves keeping sensitive personal and corporate data secure and protected. But many organizations don’t have the proper security and controls in place today. Hacking techniques are very sophisticated and companies need equally sophisticated tools to prevent attacks and secure corporate data.
It seems as if almost every month another catastrophic cyber-attack is in the news. But those public events don’t reflect the real number of hacks. Many other breaches do not get as much — if any — media attention. Earlier this month, one of the biggest cyber-attacks on a healthcare organization was announced — and the personal data of 4.5 million patients was compromised. And, even more recently, the Department of Homeland Security was hacked — resulting in the exposure of information from 25,000 workers.
Hacking: Is Your Network Vulnerable?
If breaches can happen to these organizations, they can probably happen to yours unless you implement the proper security measures. These types of breaches have become very common and have serious adverse effects on both the organization and affected consumers.
It is critical for all organizations — and especially for those in highly regulated industries — to comply with stringent security protocols and regulatory requirements. Personal information (such as Social Security numbers, credit card details or business data) is extremely sensitive and valuable. It also presents a dangerous situation if such data falls into the wrong person’s hands.
Medical Data: A Dangerous Thing to Mishandle
For example, take the medical industry: With regulations such as HIPAA and HITECH, it’s imperative that organizations uphold the highest level of data security and privacy to remain compliant and protect patients’ information. Otherwise, these organizations will face severe consequences, including civil and criminal penalties, as well as escalating disciplinary actions.
The key to addressing regulatory challenges is to understand and identify security loopholes specific to the industry. Here are a couple of examples with broad implications:
- BYOD: The bring your own device (BYOD) approach presents many risks for healthcare and medical organizations. When patient information is sent through insecure channels, employees lose control and managed access to that data. With such a lack of control and security, the risk of an accidental or intentional leakage of this information is significantly higher. Medical organizations should make sure their employees are using a secure and encrypted mobile application to manage sensitive data on the go. With a secure and robust solution, employees can collaborate and share information freely and securely.
- Unmanaged use of collaboration tools: Not knowing which tools are deployed in your organization exposes your company to great risk. In fact, many information technology managers are starting to realize that the unsanctioned use of consumer file sharing tools presents security, performance and compliance issues. A recent Harris Interactive poll revealed that 84 percent of respondents (all corporate IT influencers) agreed that employee adoption of consumer-grade free file sync and share (FSS) products creates potential security problems.
Ultimately, organizations are responsible for taking the proper measures to protect their customers’ data and privacy, and to comply with regulatory requirements. It might now be time to start preparing.
Britany DiCicco supports the enterprise product marketing team at Intralinks focusing on market analysis, positioning, messaging and go-to-market initiatives. Britany’s previous experience at Intralinks included analyst relations, competitive intelligence, and marketing. She graduated from Northeastern University with a degree in Economics.