Faegre Drinker counsel and retired FBI agent Jason G. Weiss provided insight to HealthcareInfoSecurity on insider risks for an article detailing recent federal charges filed against an employee of a Florida medical billing company involving alleged identity theft and Medicaid fraud.
"These threats are becoming the tail that wags the dog in the cybersecurity world. Last year, almost 70% of cyberattacks had an inside component," Weiss said.
"This is a problem that appears to be growing and becoming a much more serious threat that medical providers need to not only be aware of but to begin implementing critical security controls to prevent these types of insider attacks."
To help mitigate the insider threat, Weiss explained that organizations should consider implementing administrative controls, such as "separation of duties" where a second person is needed to approve and confirm certain insider actions, such as billing.
Weiss said, "There is no sure fire 'iron shield' that will prevent or protect against all potential cybercrime, but the harder you make it for potential criminals, the less likely they may be included to go down the road to fraud, misappropriation of funds and other types of cybercrime.”