Recently, the second biggest retail company in the United States revealed that data of up to 110 million customers had been compromised by hackers. Theoretically speaking, that equates to 34% of the US population, and it is a breach of massive proportions, unparalleled in history.
What can the healthcare industry learn from this? Although chances are slim that a breach of this nature will ever occur in the healthcare industry, any breach of Protected Health Information (PHI) creates significantly more risk. The consequences of healthcare breaches may include loss of insurance coverage, misdiagnosis, mistreatment and more. Let's discuss how the healthcare industry can guard itself against such data breaches.
Conduct breach assessment
As I discussed in my post yesterday, conducting a breach assessment is absolutely crucial for your healthcare organization. It can prevent professional and financial damage. In Target's case, when the information about the data breach was made public, it really affected Target's reputation, and they found themselves facing the possibility of being fined $3.6 billion.
Operationalize breach response process
Having a breach response process in place prevents the typical knee-jerk reaction to a data breach and makes the response more of a strategic process. This is something else that Target failed to do, and it therefore faces an additional lawsuit for the delay in notifying customers about the data breach.
Upgrade risk analysis and technology
It is very important for you to clearly identify potential risk points and develop a strategy to counter them. The Target breach happened at the point of sale, which is normally not considered a vulnerable place. It was further revealed that Target was using ancient PIN encryption technology to protect customers' data. Make sure you keep upgrading technology to meet the latest security standards and ensure protection of patient data.
Understand risks
Attacks can quickly spread through a system once it is compromised. Make sure you develop a mosaic approach to ensuring the security of the health insurance exchange. Create different protection strategies and technologies to nullify the effects of any potential breach at one node. Target had multiple access points, which made the attack that much easier.
Never underestimate hackers
Never underestimate how motivated hackers are to break into a system. Medical information is particularly important and contains a lot of sensitive data, making it a prime target for hackers. You should understand that there is a lot of information at stake. According to Kirk Herath, Nationwide Chief Privacy Officer, medical information has a street value of $50, versus $1 for a stolen Social Security number.
Get business associates in order
Make sure you have signed business associate agreements with all your vendors and technology providers, because in case of any breach, you should be able to avoid any drastic penalties or fines.
One strategy that Business Insider recommends to reduce breaches for companies is to share information on how system hacks happened. This helps every organization address security weaknesses and prevent future attacks.
The Target data breach may have been the biggest in the retail industry, and while healthcare is relatively safer, given the strict security guidelines and modern technology infrastructure, the risks are always there. In order to protect patients’ information, healthcare organizations need to stay vigilant, and keep their guard up.