The feds have released guidance to providers on how to protect patient data — but a recent breach shows why training staff may be the most crucial step. After two of the biggest breaches of patients’ protected health information (PHI) in healthcare history, you might think your facility’s biggest threat is from hackers infiltrating your system with complex software and viruses.But hospitals also have to be prepared for cyberattacks in simpler, seemingly innocent forms — like email phishing schemes.
Breach details
Case in point: Seton Healthcare Family, a Texas-based facility that’s part of the Ascension Health System, recently announced it experienced a breach due to a phishing scam. In December, an employee at the facility opened a fraudulent email from a hacker, which exposed the system to further attack. An investigation into the breach determined that approximately 39,000 patients’ PHI was compromised by the attack.
