Email ranks among the most widely used forms of business communication — and one that is widely subject to cyber attack.
Email attachments may deliver a malware payload. Phishing scams, in which attackers mimic trusted brands, can harvest personal information from unsuspecting users. Assailants may crack email accounts or sniff network traffic to steal plain-text messages in transit.
Health care organizations, however, trail other industries when it comes to email security. Agari, an email security solutions provider in California, recently assigned health care the lowest email security score of all the industries it studied. The company’s Q2 Email TrustIndex, published in August, analyzed 14 health care companies and classified 13 of those as “easy targets” for attackers.
Kristen Alexander, head of marketing at Agari, said health care has climbed the ranks as a target for cyber criminals. Patient information is a key attraction.
“Typically, industries that have valuable information are a more significant target than others,” she said.
Concern over email creates a tension among health care providers between security and patient outreach. On the one hand, health care organizations are responsible for safeguarding patient data. But on the other hand, some providers would like to move beyond the traditional phone call as the primary means of patient outreach.
“We are trying to come up with new and more effective ways of communicating with patients,” said Rajeev Sindhwani, a cardiologist with DOCS Medical, a five-office medical practice in the New York City area.