HIPAA Alert: What Is an Insider Threat?

An insider threat is most simply defined as a security threat that originates from within the organization being attacked or targeted, often an employee or officer of an organization or enterprise, according to Digital Guardian.

An insider threat does not have to be a present employee or stakeholder, but can also be a
former employee, board member or anyone who at one time had access to proprietary or confidential information from within an organization or entity.

Digital Guardian goes on to state that contractors, business associates and other individuals or third-party entities who have knowledge of an organization’s security practices, confidential information or access to protected networks or databases also fall under the umbrella of insider threat.

An insider threat may also be described as a threat that cannot be prevented by traditional security measures that focus on preventing access to unauthorized networks from outside the organization or defending against traditional hacking methods.

If you have any knowledge of unauthorized access to privacy/security information of MHS, please report it immediately to the MHS privacy officer.

If you have any questions about how Methodist handles HIPAA security, please contact HIPAA Privacy Officer Zorana Vojnovic at 354-6863 or @email.