There’s no denying that healthcare data breaches are escalating in frequency, size, and cost to providers. But, is this just the beginning?
Healthcare data breaches are escalating
In a recent TED Talk on cybercrime, Caleb Barlow remarked that in 2015 alone 100 million people lost their health insurance data to thieves. Despite the growing urgency of ransomware attacks on the healthcare industry, federal funding to prevent cybersecurity threats remains in the thousands, while the cost of these breaches is estimated to be in the millions. Recently, a breach that occurred after a server of the Orleans Medical Clinic was hacked left patient information accessible to thieves for more than 12 days. While the personal information available in health care records remains so lucrative for criminals, it’s up to healthcare providers to stay vigilant in the fight against data loss.
How privacy breaches occur
The frequency and scale of healthcare privacy breaches continues to grow as a result of internal negligence and external cyberthreats. Internally, anything from a simple oversight made by a physician or healthcare worker while entering a password to a technological issue regarding network servers could lead to the irrevocable loss of a patient’s healthcare records. Although this high level of risk exists within healthcare institutions themselves, it’s always the several high profile incidents of cyber criminals exploiting the weaknesses of the healthcare industry that makes the news. Frankly, there’s more at stake than just patient information. In some cases, cyber attackers have even ransomed patient’s health care information back to the hospital. Suddenly, what was perceived as an online threat, now has real-life consequences.
How to reduce your risk
Despite the growing threat of data theft, there are several steps healthcare workers and patients can take to reduce their risk. With the knowledge that 88% of healthcare attacks are attributed to ransomware, it’s important to educate yourself and others on how to identify and avoid a ransomware attack, as well as what to do if you’ve experienced one. For example, how to be on the lookout for email “phishing” scams that contain infected hyperlinks and how to regularly host meetings with staff members to re-familiarize everyone with the importance of safeguarding patient information and the adverse effects of ransomware. Going into 2017, reinforce your practice’s security approach to data loss by staying up-to-date on the current ways to deter theft.
Check out the infographic below created by researchers at the University of Illinois at Chicago for some sobering stats on a few of healthcare's biggest data breaches.