How a digital health platform, incorporated network security in its infrastructure to overcome data thefts & patient record breaches?

A digital health company in spite of being in the business of managing electronic health records (EHRs) for decades, found itself trapped in the face of a significant data theft incident in 2021. The company authorities turned to Research Nester seeking its services for developing strategies for incorporating network security.

banner

An overview:

1

The company was in the business of storing and managing electronic health records (EHRs) for its clients for around 12 years. Its client list included top healthcare providers in the U.S.

2

However, its reputation and reliability went for a toss, when in May 2021 it experienced a significant data theft incident. An unauthorized third party attempted to sell a large amount of patient data on the dark web.

3

The company’s huge network of databases along with an outdated software system that lacked the latest security updates made it an easy target for cybercriminals and hackers.

4

Although the company did everything under its realm and outside, to prevent the extent of the damage, still there were serious repercussions that dented its market position.

5

To prevent any similar future mishap, the company authorities turned to Research Nester to devise a network security strategy that would safeguard its databases against security threats and protect sensitive information.

raw-materials-persuaded

The Story

The Company, a reputed digital health platform with a strong market position unexpectedly detected the presence of extraneous copies of data on the evening of the 21st of May 2021. To the extreme horror of the company authorities, third-party sources had gained unauthorized access to sensitive patient data. The breach occurred in January 2021, when attackers exfiltrated a substantial volume of patient data, including personally identifiable information (PII) such as names, addresses, social security numbers, and medical history. The incident that compromised the privacy and confidentiality of thousands of patients, came to light 5 months later, in May. To make matters worse, the data theft triggered legal and regulatory repercussions for the company. It faced investigations from regulatory bodies in the U.S. such as the Health Insurance Portability and Accountability Act (HIPAA) and was fined around USD 2500 million. Apart from paying the fine, the company also faced a huge financial burden as it had to allocate resources to remediate the breach. Although the company was able to restrict the extent of the mishap, the incident eroded customer trust to a huge extent and damaged the company’s reputation. To avoid any future instances, the company sought the services of Research Nester analysts to help it incorporate a near-fool-proof strategy for its network security. Research Nester offered a customized solution in the form of a report on the Cyber Security Market. It provided a detailed analysis related to advanced technological solutions for boosting network and cyber security in companies. In addition, RNPL consultants also devised a framework of network security measures to facilitate strong and updated software systems.

The Solution:

The major pain point of the company’s digital infrastructure was that it had not been updated and lacked patching a few vulnerabilities. Hence, it became an easy target for third-party to access its sensitive data. Research Nester consultants suggested the revamping of the company’s security infrastructure practices in the following ways-

  • Investing in robust encryption measures to protect sensitive information.
  • Implementing multi-factor authentication.
  • Improving data retention practices and implementing strict access controls to safeguard patient information.
  • Conducting regular security audits.
  • Employing intrusion detection and prevention systems to detect and mitigate future threats.
  • Strategizing a shift that facilitated the discovery of data breaches internally and at the earliest.
  • Collaborating closely with regulatory bodies to ensure compliance with data protection laws and also to update their privacy policy measures.

In addition, RNPL analysts also suggested the company could engage in partnerships with or employ renowned cybersecurity firms to conduct independent cybersecurity audits. This way the company could obtain certifications and demonstrate its commitment to data security. This would help the company to win the loyalty of its customers back.

solutions
results

Results

The digital health platform had a strong market position as of Dec 2020. The profits in the same year were valued at ~USD 5600 million. The company had incurred a loss amounting to ~USD 7200 million that included the fine, legal action from clients, and loss of existing customers by the end of December 2021. Apart from the financial drain, the company had also damaged its reputation and reliability. The market share of the company in the U.S. stood at 35% at the beginning of 2021 and by the year’s end, it was a meager 8%. At this point, Research Nester was asked to use its experience and expertise in the field to bring the company back on track. By incorporating the strategizes as advised by Research Nester consultants, there was a gradual improvement in customer acquisition. Since the company showed ingenuity in its efforts to prioritize its data management and network security, its clients became ready to give it a second chance. By the end of 2022, the company’s profits had reached ~USD 5200 million, and with a market share of 32%. In the first quarter of 2023, the market share of the company was 38% and is continuing to grow.

Contact Us

swara-keni
Swara Keni

Head- Global Business Development

Let Us Hear About Your Requirements:
Connect With Our Consultant