Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Workers comp industry warned to mount defense against hackers

Reprints
Workers comp industry warned to mount defense against hackers

Organizations in the workers' compensation industry need to redouble efforts to secure sensitive data from hackers, according to managed care services provider Genex Services L.L.C.

In a white paper titled “Enemy at the Gate: Data Security Risks in Workers' Comp,” released Thursday by Genex, the workers comp industry is warned that while it has thus far been spared the major data intrusions afflicting companies in other sectors, such as retail, the amount of personal health information and medical data stored by the industry makes it a natural target for data thieves.

Adding to the risk is the fact that companies are required to move this data often in the course of business, the white paper states.

“The primary worry is unauthorized access to (personal health information), which could be used for identity theft or even blackmail,” the paper states. “Unfortunately, there are many ways for such data to be accessed. Data is always in motion in comp claims as there are various vendors, case managers, bill review specialists, and independent medical examiners, all transmitting and sharing files and forms every day.”

To keep this data safe, companies in workers compensation need to establish a series of administrative, technical and physical controls, the paper says.

Administrative controls include background checks and use of confidentiality agreements, privacy and security awareness training, policies and procedures. Technical controls are aimed primarily at information technology functions and include anti-virus and intrusion detection software, network segmentation and use of active Web and e-mail filtering.

Physical controls include limiting access to buildings such as data centers, and the use of key fobs or card-based building access systems.

“The importance of data security can't be overstated,” the white paper says. “Targeted attacks are coming from sophisticated organizations around the world. The good news is many in the workers' compensation industry are stepping up their game by investing in new technologies and prioritizing security.”

Read Next