While the digital health industry was intended to make health records more accessible for doctors and patients, it seems to be doing more harm than good.
According to a report released by BakerHostetler, the healthcare industry experienced the highest frequency of data breaches in 2015 than any other industry. Tens of thousands of healthcare data breaches have been reported since the HITECH Breach Notification Requirement took effect back in 2009. BakerHostetler reported, “It’s no surprise that by frequency, healthcare tops our list. While PHI incident is disclosed more frequently, driven in part by HIPAA presumption that a breach occurred.”
Last year started off with notorious Anthem data breach, which exposed the personal information of over 80 million individuals, roughly a third of total Americans. The Premera Health breach followed just shortly after that, impacting nearly 11 million Americans. Unlike credit card breaches where those affected can simply terminate all fraudulent transactions and are protected by law, victims of PHI data breaches have little to no resources and are generally not promptly informed of their data being compromised.
After years of healthcare related security breaches, 2016 has proven to not be so promising either. In February, the Hollywood Presbyterian Hospital fell victim to a ransomware attack and were demanded to pay a ransom fee of $17,000 to gain access to their systems again. Shortly after, the Kentucky Methodist Hospital had to shut down all of its computers and activate a backup system.
If the past data breaches have taught us anything, it’s that the healthcare industry needs to step up to the plate and implement best in class breach prevention and detection solutions to ward off cybercriminals and protect the medical credentials of its consumers. Having solutions in an organization's IT environment that can detect the presence of malware and ensure hardening measures and user access controls are being enforced will help better protect the sensitive data that make up the healthcare sector.
Any drift from configuration or breach activity needs to be alerted in real time, and with solutions with Breach Detection and File Integrity Monitoring, your organization will be able to monitor any activity within sensitive files and alert you if and why a breach occurs.
Each time access is provided to healthcare data, the potential for loss of privacy & integrity increases. With that being said, healthcare organizations need to embrace state-of-the-art data security solutions and meet security & compliance requirements so avoid being the next victim of a large-scale attack.