Healthcare data breaches are affecting millions in the United States and one of the major causes is hacking by cybercriminals. According to a report titled The State of Cybersecurity in Healthcare, by The Fortified Health Security which gathered data spanning over a decade and found that forty million Americans were affected in 2019. This is the highest number of healthcare data breaches in history and alarmingly it is 65% more than the reported breaches of 2018.
Some of the findings of the report:
- Over 189 million healthcare records have been breached in the last ten years
- 59 percent of data breaches happened due to phishing emails sent by cybercriminals
- Provider organizations are the most affected with over 334 healthcare providers affected and data of over 22.7 million patients was compromised.
- Other than providers, business associates were affected the most.
Breaches in healthcare are catastrophic as it comes with fines and penalties under HIPAA by the Office for Civil Rights (OCR). The amount of the fine is $1.6 million on average. HIPAA penalties come along with audit and security recommendations which itself are onerous for healthcare service providers. According to a report, healthcare organizations are spending millions to ensure the security and privacy of the healthcare data but unfortunately, the instances of breaches are increasing with every passing year. Cybercriminals are using all the tactics including phishing and text messages to get access to classified information.
Healthcare organizations are in dire need of effective cybersecurity which can save them from cyber-attacks. Technology organizations are helping the healthcare sector in the digitization of healthcare records and many other benefits of the electronic data. However, these tech mavens must also come up with a viable plan to ensure security and privacy. These solution providers are already serving various other sectors with innovative technologies such as Blockchain and they can bring that to better serve the healthcare sector.
Analyzing the amount of data gathered about data breaches, it looks like that the volume of data breaches would increase this year as well. Especially the small entities and healthcare providers would experience a 10 to 15 percent increase in data breaches. When at one end it is a looming threat on the other side it is a business opportunity for technology vendors. These technology solution providers would further consolidate to provide cybersecurity solutions. As cybercriminals are increasingly using email phishing to hack data, therefore, efforts must be done to protect this vulnerable segment.
As a precautionary measure, every organization must develop and implement a security plan that can protect them from phishing attacks. There is a dire need to train human resources as most of the breaches occur due to the sheer negligence of the staff. Most of the healthcare organizations are utilizing third-party solutions to manage their daily chores and outsource tasks such as medical billing, which increases vulnerability. Healthcare providers must confirm that their technology partner is HIPAA compliant. Most healthcare executives choose a vendor without adequate planning which increases the vulnerability level. Healthcare organizations must take expert consultation before choosing a solution provider. These are just basic thoughts on the topic; cybersecurity in healthcare requires more attention from the stakeholders.