Managing Malicious Insider Threats
OCR Shares Best Practice
Customer service representatives, IT staff, managers, and even senior executives can expose their organization to any number of security threats simply because they are considered trustworthy or have access to sensitive data like health information. In a recent newsletter, the HHS Office for Civil Rights provided guidance on where, who, what, and how of safeguarding critical data. Among their suggestions are taking an inventory of where all their data is located, setting strong physical and virtual access controls of what can be accessed and by whom, limiting how users access data via mobile phones, laptops and external storage devices, and regularly reviewing audit logs, access reports and security incident tracking reports. PrivacyPro customers can also find more information about this in the PrivacyPro Reference Library.