Protected Health Information (PHI) is more valuable than credit cards on the internet. Meet the team protecting your PHI.
Last year, cybersecurity experts determined that PHI is especially attractive in criminal circles because it can be more useful in identify theft.
Have you ever wondered what Delta Dental is doing to protect you and your employees from a data leak or cyberattack? If you have, Sitaram Inguva — our director of Information Security — has some answers for you.
Q: How long have you been with Delta Dental?
A: I have been at Delta Dental for three years now, but the majority of my experience is in financial security. I have held positions at American Express, IBM and Cubic.
Q: Now that you’ve been in the health care sector, would you say that the stakes are higher with PHI than with average consumer information?
A: All matters of information security are serious, but PHI is quite attractive on the internet, and data breaches can be very expensive. A recent study1 shows that a single compromised health record can cost a company more than $200 in reparation (per enrollee). For these reasons, we use world-class cybersecurity technology to prevent such compromises from happening.
Q: What causes a data breach?
A: A data breach can take many forms, the most obvious form being external hacking attempts by cyber criminals. However, they also happen due to technology gaps, human error and a lack of awareness. At Delta Dental, we of course use best-in-class technologies to protect information, but our most valuable line of defense is employee training and awareness. Apart from data encryption, current software upgrades and patches, our greatest priority is ensuring that our people are trained and up-to-date on best practices in information security.
Q: Are there any specific challenges you face in your job?
A: One challenge we face is striking a balance between convenience and security. As technology continues to evolve, and people rely more on mobile devices, we have to develop controls and safeguards alongside it. We want to offer our clients an excellent customer experience while also ensuring their private information is secure.
Q: Do you or your team have any information security super powers?
A: Our security team is comprised of very talented and highly trained professionals, many of whom have industry-leading certifications including Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA). These certifications are backed by years of information security work experience in health care, banking and government agencies.
Q: Is there anything else you want to share with our clients?
A: I have a few quick tips, plus an interesting resource to pass along.
- Make employee training a priority in protecting your own company’s records and any private information.
- Beware of phishing scams, hoaxes and urban legends. If it sounds too good to be true, it probably is. Always check a company’s known web address if you receive a suspicious email.
- Be aware of vulnerabilities like mobile devices — especially if children have access to them. Check out this project on staying safe online for some useful tips to pass on to your employees.
Thanks for reading, and stay tuned for more information on our IT security efforts!
1 2015 Cost of a Data Breach: United States, Ponemon Institute, May 2015