Quest Diagnostics Data Breach
Another data breach occurred last week: unauthorized access compromised 11.9 million records with Quest Diagnostics. The billing company for Quest Diagnostics has been ranked as having the 2nd largest data breach in healthcare history (Anthem Blue Cross is the 1st). Wow! We can only imagine the humiliation and loss of business that the American Billing Collections company now faces. An unauthorized user had access for 8 months! What can you even say about that? If this weren’t so terrible, it would be laughable that IT infrastructure and security measures FAILED!
This is serious, yet we are becoming less affected by events such as these when we shouldn’t be! Security protocols and monitoring tools could have stopped an unauthorized user and remedied the situation, but letting something go unmonitored for 8 months? Well, that’s 100% preventable! At OCCloud9 we understand how critical it is to protect our client data, oftentimes stopping intrusions at the user level and educating our clients on how to safeguard the valuable data that affects their clients as well.
Events such as this data breach and all others are a warning sign to us all. Quest wasn’t the only company that was contracted with American Medical Collection Agency, so I’m certain that there will be more to report in upcoming weeks. If you are not completely satisfied with the security of your data, or if you are aware that your company is in jeopardy of a security breach, seek help immediately! Always err on the side of caution and get a second opinion, both for yourself and for your clients. HIPAA compliance guidelines were created for a reason. The use of technology only proves its necessity. We take the HITECH Act of 2009 seriously, and so should any provider who works with clients who must be HIPAA compliant. Contact OCCloud9 today. We can help!
Many may ask, “What can I do?” There are many preventive solutions that a competent IT company can implement for you, such as:
- Make a mandatory password change policy every 15-30 days – this would probably eliminate most attempts. If this policy had been put in place, the user that had unauthorized access would have been shut down immediately.
- Run and evaluate network logins – identify all unauthorized intrusion attempts. If you have a strong firewall with security, the attempts will be blocked. If not, find a pattern and shut it down!
- When an employee is terminated, disable their access immediately!
- Keep a valid SSL Certificate on your company website to help close any back doors into your company website and domain.
- Keep a robust Firewall with content filtering, intrusion prevention and gateway antivirus activated.
- Use a supported server and desktop operating system.
- Hire a competent IT Company that knows how to monitor and detect unauthorized intrusions.
Remember this: Intrusions are preventable. Contact a member of our team for further assistance in securing your data.