The IT Nerd

Metomic today released its “Healthcare Data Crisis – Uncovering the Alarming Gaps in Data Security and Compliance” report, offering deep insights on all the ways insecure file-sharing practices are putting healthcare organizations at risk of a data breach. Metomic revealed that 25% of publicly shared files owned by healthcare organizations contain Personally Identifiable Information (PII). Sixty-eight percent of private files that have been shared externally (giving access to people outside of the organization) contained PII and 77% of private files shared internally. 

While publicly shared files that contain highly sensitive data pose the biggest risk for healthcare organizations and underscore the need for data security and DLP tools, many of the access permissions for private files are never updated or removed. This leads to “stale data” living in places like Google Drive where multiple people continue to have access to files they no longer need or should not be able to retrieve, creating high-risk environments that could easily lead to a data breach. 

Metomic’s findings are extremely alarming considering the spiraling trend of data breaches happening across the healthcare space, a highly regulated industry that must follow strict data standards and legislative policies such as HIPAA and GDPR. According to The HIPAA Journal, the healthcare industry experienced more data breaches in 2021 than any previous year. That upward trend has continued to rise. Not only did 2023 see a record number of data breaches, but also a record number of the “most breached records” with more than 133 million records exposed. 

This year, the ransomware attack on Change Healthcare wreaked havoc across the industry, disrupting payments to hospitals, pharmacies, and healthcare providers for more than a week. UnitedHealth claims the attack will likely cost the company between $1.35 billion and $1.6 billion by the end of the year.  

Another concerning trend identified by Metomic is the amount of payment card industry (PCI) information, such as credit card numbers and banking information, that is saved in publicly shared and external files. According to Metomic’s research, 1% of publicly shared files owned by healthcare organizations contain PCI—a number that, at first glance, seems relatively tiny, but 1% means that there are easily accessible files that contain highly vulnerable financial data. 

Given the distressing number of data breaches happening across the healthcare space, it’s imperative that PCI data be heavily monitored at all times. 

The full report, which also includes common file-sharing errors and DLP tactics to stop high-risk data from being exposed, can be downloaded on Metomic’s website at: “Healthcare Data Crisis – Uncovering the Alarming Gaps in Data Security and Compliance.”

 Metomic, a next generation data security solution for protecting sensitive data in the new era of collaborative SaaS, GenAI and cloud applications, today announced Metomic for Slack Enterprise. By partnering with Slack, Metomic gives security teams full visibility and control of sensitive data sent across an organization’s entire Slack workspace. Metomic for Slack enables heightened levels of security within public, private and Slack Connect channels by identifying vulnerable information that has been shared on the app and pinpointing critical security and compliance risks, such as PCI DSS, HIPAA, GDPR, and more.

As a verified Slack DLP Partner, Metomic for Slack Enterprise enables compliance and security teams to automate data security tasks on Slack, such as data redaction, data retention, data quarantining, and employee notifications. Metomic’s workflow-based setup makes it easy to begin monitoring Slack conversations in real-time, significantly minimizing the risk of data leaks and compliance breaches on the platform. Using pre-built classifiers and policies, companies can implement Metomic for Slack to identify common data security risks.

Slack is one of the world’s most popular collaborative work apps, with industry reports claiming the platform has as many as 35 million daily active users. According to Slack’s own data, more than 80% of Fortune 100 companies rely on the app to drive productivity across their organizations. Its ease of use and wide adoption rates—along with its distinct ability to integrate with thousands of other work apps—make Slack everyone’s favorite collaborative app, but its lack of end-to-end encryption opens the platform up to serious data security risks. 

Metomic for Slack gives companies of all sizes using Slack Enterprise the full benefits of Slack without the data security risks that come with it—it’s the essential data security tool for organizations that rely on Slack to drive productivity across the organization. To learn more or request a personalized demo, visit the Metomic for Slack integration page.