Healthcare providers, in particular, must prove that their organization and operational standards establish the proper quality and safety measures to meet strict regulation, reform and privacy requirements. However, even with “proper” protocols in place, most healthcare organizations often are unable to prove whether they have properly managed secure and protected information.
Improper user account management can lead to breeches of security, fines, penalties, lack of trust from the community and failed audits. Hospitals and healthcare providers need to take the necessary measures to ensure sensitive information is not available to employees without proper access rights. For instance, former employees and contractors who are still able to access and use a former employer’s e-mail network because their user account has not been deactivated immediately upon their departure present a definite security risk.