The Financial Impact of Breached Protected Health Information: 2017 Update
Featuring Contributing Author, HIPAA alli CEO, Kimberly Shutters & Members of the PPN
Making the Business Case Today for Enhanced PHI Security
Healthcare leaders, I have a white paper you’ll want to read!!
In 2017, literally on the heels of WannaCry the PHI Protection Network (PPN), released an update to its highly influential The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security Data at the Advisen 2017 Cyber Risks Insights Conference.
Published originally in 2012, the whitepaper revealed a new predictive analytics model (PHIve) for evaluating and recommending the appropriate investments necessary to secure protected health information (PHI) and mitigate the risks of data breach.
Over the last five years, healthcare has experienced new threat vectors such as:
- · State-sponsored hackers,
- · Ransomware attacks easily purchased on the Dark Web, and
- · New vulnerabilities including insufficiently protected medical devices
- · Unpatched systems or devices
The 2017 Update includes a proven use case of PHIve and is available for free.
- · Dr. Larry Ponemon, Chairman and Founder of the Ponemon Institute
- · Mary Chaput, CFO at Clearwater Compliance
- · Grace Crickette, Associate Vice President at San Francisco State University
- · Keith Fricke, Partner and Principle Consultant for tw-Security
- · Ben Goodman, Founder of 4A Security
- · Rick Kam, President and Founder of ID Experts
- · Anita Osterhaug, President of Communication Associates
- · Rob Prueter, Executive Vice President of SPHER
- · Ray Ribble, President of SPHER
- · Kimberly Shutters, Founder and CEO of HIPAA alli
- · Ed Stull, Executive Vice President and CTO at MiddleGate, Inc
PPN is an interactive network of PHI protectors and solutions providers. This cross-industry group was formed in 2012 to help expedite the adoption of PHI best practices. Many members contributed to the report The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security, which calls for enhanced security to safeguard protected health information and was first issued in March, 2012 by the American National Standards Institute (ANSI), via its Identity Theft Prevention and Identity Management Standards Panel (IDSP), in partnership with The Shared Assessments Program, and the Internet Security Alliance (ISA).