Tag: Data Protection

A data breach is an incident where a hacker gains access to a database that contains the user’s personal details such as login information, financial details, Social Security Number, address, PHI, etc. In the case of an organization, a data breach can result in revealing of trade secrets and other critical business information. Once stolen, this information is then sold on the dark web to cyber criminals who use it for their profit.

The damage caused by a data breach can be minimized if it is detected in time. Here are some ways to verify a data breach:

Online Tools: A number of online tools are available to help users in verifying if their email account has been breached. Another way of verifying a data breach is via a data breach database. A data breach database such as HIBP (created by Troy Hunt, a Microsoft regional director, and MVP) contains a list of compromised email accounts and passwords. Users can search these databases for their email to see if their email and password are among the compromised lists.
Updated Browsers: Using an updated browser that has special features can help users in knowing if their password has been compromised. Browsers such as Chrome 79 include ‘Password Checkup Feature’. When a user enters a password, the feature warns the user if the password has been compromised without the need of saving the password.
Unauthorized Activity: Regularly check your accounts for any unauthorized activity in your account. Keep an eye on your sent emails. If you notice any emails sent to anonymous accounts, this indicates that your email account has been hacked. In case of any social media account, make a note of any unusual posts, messages, etc. Any unauthorized activity indicates a data breach including username and password.

Whilst these methods may be helpful, there is no bulletproof method of verifying a data breach. An ideal way of approach is to employ stringent data protection strategies. Some of the most efficient personal data protection strategies include access controls on the network, use of automated backup system, equip the data storage center with a protective suit, robust monitoring & reporting, and use of a secure password.

For more information on ways to verify data breaches, contact Centex Technologies at (254) 213 – 4740.

Importance Of Data Encryption For Healthcare Industry

By centexitguy

On April 21, 2020

In Security

Data protection holds an important place for every industry. This importance increases many folds in the case of the healthcare industry. A trusted way of data protection is ‘Encryption’. The key is to encrypt both static and moving data. However, with an increase in the amount of healthcare data being collected every day, encryption has become a challenge.

Before understanding the ways of data protection, it is imperative to know the sources of this data:

Hospital devices
Personal devices of the patient
Implant devices
Data from pharmacists, drug manufacturers, and distributors
Data from insurance companies

What Is The Need To Protect Healthcare Data?

Healthcare data is a lucrative magnet for cybercriminals as they can sell the data on the dark web and earn high profits. In addition to demanding ransom, the cybercriminals may use stolen healthcare data for:

Identity theft and health insurance fraud
Exposing private information
Damaging a person’s reputation
Causing personal distress
Using compromised accounts as gateways for a network breach

What Does Healthcare Data Encryption Mean?

Data encryption means converting the original data into encoded text. This form of text is unreadable unless it is decoded using a decryption key or code. In case, of healthcare data, it includes the protection of ePHI (Personal Health Information) to secure it from unauthorized access.

The secret for a successful data protection using encryption lies in ‘Key Management Strategy’.

Key Management Strategy:

Key Management Strategy deals with an important question – how can healthcare organizations ensure that the key required to decrypt the data are shared with authorized parties only. The strategy addresses the following points in general:

Key Storage: The decryption keys should be stored securely to avoid theft.

Rotation/Destruction Of Keys: This factor helps in ensuring that new decryption keys are applied to new data sets. Also, it is important to preserve the old keys required to access old data sets, whenever needed.

Key Generation Granularity: Zero Trust Approach should be followed in the process of key generation while ensuring key access to even the lowest tier of authorized users.

Automation: Automating the Key Management System helps in reducing human error as well as an administrative burden.

Ease Of Use: In order to make a Key Management System effective, the system should have an easy to use user interface.

For more information on the use of encryption to protect healthcare data, contact Centex Technologies at (254) 213 – 4740.