Skip to main content

Cybersecurity Strategies:
Protecting Benefit Plans

Posted by Medavie Blue Cross on October 16, 2024

Today’s businesses face constant online threats, with cyber attacks becoming more common and complex — making cybersecurity a business priority.

Cybersecurity Strategies:
Protecting Benefit Plans

Posted by Medavie Blue Cross on October 16, 2024

Today’s businesses face constant online threats, with cyber attacks becoming more common and complex — making cybersecurity a business priority.

A cyber attack happens when a cybercriminal or hacker tries to access a computer network or system. They usually want to steal, change, or expose information for money. Common attacks include phishing, ransomware, supply chain attacks, insider threats, cloud vulnerabilities, and malware.

Healthcare is a big target for cybercrime

Healthcare organizations like insurers, clinics, and pharmacies are at high risk of cybercrime because of the type of information they hold. In fact, healthcare is hit by 20% of all cyber attacks, second only to financial institutions.

The average value of a personal medical record is 10 times more valuable than other records on the market. They are used by fraudsters, hackers, and scammers to gain access to bank accounts or credit cards.

Insights webinar on cybersecurity

Recently, Chad White, Medavie’s Director of Corporate Security, spoke with Travis Kelly, Director of Business Development, for an eye-opening discussion on cybersecurity.

Chad emphasized that cybersecurity goes beyond firewalls, anti-virus systems, and passwords. It’s also about building a workplace culture where everyone is aware of the risks. He also shared the strong security measures Medavie Blue Cross has to protect benefit plans from cybercrime, drawing on our state-of-the-art capabilities and in-house expertise. We are also one of only a few insurers in Canada with Security B Clearance as a federal service provider to a high level of protection.

Key takeaways from the webinar:

For employers

  • Train employees regularly: Training staff on cybersecurity can reduce the chances of cyber attacks like phishing incidents and data breaches.
  • Use strong passwords: Passwords are a key defense against hackers. Ensure your company has a strong password policy to protect important data. Since we manage so many digital accounts at work and home, using weak or repeated passwords can lead to multiple accounts being hacked.

Key takeaways from the webinar:

For employers

  • Train employees regularly: Training staff on cybersecurity can reduce the chances of cyber attacks like phishing incidents and data breaches.
  • Use strong passwords: Passwords are a key defense against hackers. Ensure your company has a strong password policy to protect important data. Since we manage so many digital accounts at work and home, using weak or repeated passwords can lead to multiple accounts being hacked.

For employees

  • Double-check communication: Be cautious of unsolicited emails, calls, or messages, especially those requesting sensitive or personal information. If possible, verify the sender before responding.
  • Update passwords regularly: Use strong and unique passwords for different accounts and update them regularly.
  • Check URLs: Hover over links to inspect their URLs before clicking and ensure they are from legitimate websites.
  • Share carefully: Be mindful of what personal information you share online to avoid being targeted in phishing attacks.
  • Review privacy settings: Regularly check privacy settings on social media and other online platforms to limit the visibility of personal information.
  • Report suspicious activity: If you notice anything unusual, report it to your IT or Security team immediately. Reporting quickly can help prevent potential threats.

For plan sponsors

  • Review third-party vendors: Ensure the companies you work with and third parties accessing your data have strong data protection and cybersecurity policies.
  • Have a response plan: Ensure your organization and your partners have an up-to-date plan in place should a cyber attack or data breach occur.
  • Be prepared: Risk will always be present but strive to limit wherever possible. Assess your risk tolerance and strengthen weaknesses.

Medavie’s cybersecurity measures

As the manager of health benefits for 1 in 10 Canadians, and the steward of their health information, we are committed to protecting the integrity and sustainability of member plans.

  • We employ a strategy that comprises a series of controls and technologies to put extra layers of protection around sensitive data.
  • We hold top certifications in cybersecurity as Canada’s largest private administrator of public health programs.
  • Any Medavie employee who handles personal health is vetted by the federal government, whose screening (Protected B reliability status) includes criminal and financial background checks.

Medavie’s cybersecurity measures

As the manager of health benefits for 1 in 10 Canadians, and the steward of their health information, we are committed to protecting the integrity and sustainability of member plans.

  • We employ a strategy that comprises a series of controls and technologies to put extra layers of protection around sensitive data.
  • We hold top certifications in cybersecurity as Canada’s largest private administrator of public health programs.
  • Any Medavie employee who handles personal health is vetted by the federal government, whose screening (Protected B reliability status) includes criminal and financial background checks.
  • We own our technology and have a service team based in Canada. This gives us full control of our data, improves our service, and reduces the risk of cybercrime.
  • Our state-of-the-art systems monitor, prevent, detect, enforce, and resolve any cyber threats ― with strict controls and processes in place at all levels of our organization.
  • We continually enhance and invest in technology and training as new threats and safeguards emerge.
  • Partnership is key to our success, working collaboratively with sponsors and advisors to defend plans against cyber criminals.

Have questions?

Contact your Medavie Blue Cross representative to learn how we protect your personal health information.

  • We own our technology and have a service team based in Canada. This gives us full control of our data, improves our service, and reduces the risk of cybercrime.
  • Our state-of-the-art systems monitor, prevent, detect, enforce, and resolve any cyber threats ― with strict controls and processes in place at all levels of our organization.
  • We continually enhance and invest in technology and training as new threats and safeguards emerge.
  • Partnership is key to our success, working collaboratively with sponsors and advisors to defend plans against cyber criminals.

Have questions?

Contact your Medavie Blue Cross representative to learn how we protect your personal health information.

Watch the webinar

View the recording of our webinar on reducing cybercrime risks, available in English and French.

View English Webinar
View French Webinar

Share this post

medavie blue cross

Medavie Blue Cross

Medavie Blue Cross is a premier all-in-one carrier that provides health, dental, travel, life and disability benefits and administers federal and provincial government-sponsored health programs. Together with Medavie Health Services, we are part of Medavie, a health solutions partner committed to improving the wellbeing of Canadians. We are in the...

Read More

Related posts

Top Takeaways from the 2024 Benefits Canada Healthcare Survey
Supporting Employees with ADHD: A Guide for Employers
An Employer’s Guide to Menopause: Supporting Women at Work
Thriving through Transition: Empowering Women at Midlife