5 reasons to use forensics

April 30, 2012

With the prevalence of data breaches rising, the industry is slowly yet surely realizing they're no laughing matter. And with price tags circulating around the billions, more organizations are starting to take the steps necessary to protect themselves against a costly breach of sensitive information.

Yet, breaches remain common, and as best practices continue to develop around how to handle them, one tool is proving to be invaluable: forensics.

"Oftentimes, organizations want to understand what happened and how did it happen, and the chain of evidence and information has to be preserved," said Mahmood Sher-Jan, vice president of product management at ID Experts. "To bridge that gap, whether it was an outside attack or an internal issue, is to begin the process of analyzing information to see the overall scope of the damage. That causes it to get kicked-off with a forensic analysis."

Sher-Jan and Winston Krone, managing director at investigative and analysis services firm Kivu Consulting, highlight five reasons organization should use forensics if a breach occurs.

1. Essentially, it's required. States simply aren't accepting organizations' stories of what happened when it comes to a breach, said Krone, unless they have forensics to back it up. "I think it's fair to say, it sort of raises an eyebrow about those organizations that aren't using forensic analysis or simply trusting whatever a third party has told them about what happened," he said. Instead, regulators are increasingly requiring hospitals do their own "due diligence," said Krone, and look into the breach. "They can't trust a third-party vendor, which has all the reasons in the world to down play the significance of events," he said. "If you don't do forensics, you're opening yourself up to be destroyed in court. It's a given, and it's expected."

2. It can save you money. Many times, said both Krone and Sher-Jan, an organization overestimates the impact of a breach. ID Experts "brought us into cases, and we said it's a false alarm, there wasn't a breach," said Krone. "So spending money on forensics, or setting your system up so you can conclusively say the data wasn't accessed, can save you an enormous amount of money in terms of notifications, PR, etc." Sher-Jan added that, even if a breach did occur, forensics help tell the full scope of the incident. "If there actually was [a breach], the process can lead to a better understanding of what was accessed and what data elements were compromised," he said. "Then, you can segment the number of records that were compromised and treat them differently; they may fit into an inclusion, according to the law. So all the way around, there are financial benefits to using forensics."

Featured Resources

Reliability in the Cloud - Shifting email responsibility to hosted exchange provider

Cloud-based Microsoft Exchange service features all the mission critical enterprise-class communication and collaboration capabilities of an in-house solution without the unpredictable costs and management headaches. With flexible customization options, healthcare organizations can seamlessly move to a cloud-based solution without compromising security or altering their current encryption approach. Learn More

Meaningful Use - Now or Never

Tips and tools to help healthcare professionals on the path to MU and beyond. Learn More

Improve the patient experience. Improve your technology!

Visit this resource center for IT trends, predictions and priorities for 2013 and beyond. In addition, access case studies and interviews with your peers so you can learn how to deliver the best patient care possible. Learn More

How to Get Paid for Meaningful Use: 7 Tips from the EHR Trenches

If your vendor does not provide a strong level of support, the process of Meaningful Use attestation may be much more difficult and costly than your practice can afford - and perhaps even impossible to achieve. Read this whitepaper for important advice on the difficulties involved in meeting meaningful use requirements and how to overcome them. Learn More

Video

Clinical Spotlight Episode 5: Samir Damani, MD

Tom Martin from mHIMSS sits down with Samir Damani, MD, founder and CEO of MD Revolution to discuss mobile health, chronic disease prevention, and engaging doctors at the mHealth Summit 2012.

More exclusive videos from mHealth Summit 2012