Every organization should understand their own unique risk profile based on the impact to their organization of a breach, the vulnerabilities that exist within their unique portfolio of information assets and all reasonable threats that might exploit those vulnerabilities including insider threats.
It has become standard practice for healthcare organizations to focus on identifying and stopping external threats to the privacy and security of data, but one often overlooked risk may be right inside your offices — snooping employees and malicious insider threats.