The health-care industry remains a prime target for hacking. In the last five years, there’s been a surge of attacks in this field. Why is that, and what steps can medical and dental practices take to prevent sensitive patient data from a breach? Let’s delve a little deeper into the hacking problem facing the health-care industry.
A Look at the Numbers
According to Dizzion, a cybersecurity firm outside of Denver, Colorado, data breaches are extremely common in the health-care field. An estimated 89% of health-care organizations have experienced a data breach in the past two years. The majority of health-care organizations agree that digital security is one of their foremost concerns. The main reason for this concern is that breaches could cost the health-care field up to 6 trillion dollars in damages if proper security measures are not taken.
Why are Health-Care Companies at Risk?
Medical and dental practices collect and store vast amounts of personal information, making them a major target for cybercriminals. For example, consider the highly sensitive data that is stored, transferred, and accessed in this field. It includes names, social security numbers, home addresses, and dates of birth, not to mention private health-care information and payment methods. All of these pieces of information make for a big bullseye on the companies that collect and maintain this info.
If a hacker (or a hacker group) wants to create chaos, and not just steal sensitive information, the health-care sector is a critical part of our national infrastructure, alongside the water, electricity, and transport networks. That makes it an attractive target for causing damage and creating absolute chaos.
Another reason why the medical and dental fields are at such a high risk is that too many practices have not increased their IT budgets nor changed their technology practices in the past few years. This leaves them vulnerable to attacks. Dizzion reports that around 50% of health-care organizations and their business associates have not increased their cybersecurity budgets in the last year. Surprisingly, about 10% actually lowered spending on security.
The Need for Action
The healthcare industry increasingly relies on technology connected to the internet and stored in the cloud. While these technologies allow for better patient care, without the right security, the systems are open to attack.
For example, the Verge online recounts the 2017 WannaCry cyberattack, which infected thousands of computers around the world and threw the United Kingdom’s National Health Service into chaos. In 2017, the Health Care Industry Cybersecurity Task Force convened by the U.S. Department of Health and Human Services concluded that healthcare cybersecurity was in “critical condition.” Experts say that health care lags far behind other industries, like the financial sector, in the way it protects its information technology infrastructure. And unlike finance, a health-care failure can end with an injury or even death.
IT departments and specialists need to be vigilant for potential vulnerabilities. This means staying on top of the latest threats, patching software where needed, updating software and hardware, and installing the latest security protocols to maintain HIPAA regulations. Paying attention to the health of the computer systems is only half the battle. IT support must train and maintain the human element that can spot these vulnerabilities and prevent a breach from occurring in the first place.
Does your practice need updating or new security measures? M&H Consults can help. Contact us online or at 1.866.964.8324.
Categorised in: Computer Support, data breach, hacking, IT Consulting Services, Security