Healthcare Industry Cyber Breaches Up 525 Percent
The Ponemon Institute just came out with their Sixth Annual Healthcare Industry Report and revealed that cyber breaches are up a whopping 525 percent. More than 91 different healthcare institutions and healthcare related associates were involved in the study. What’s even more telling is that 90 percent of all the healthcare organizations involved in the study experienced data breaches, costing the industry more than $6.2 billion dollars.
As the data reveals, no healthcare company is immune to the effects of data hacking. An average breach costs an organization around $2.2 million dollars. Moreover, 50 percent of hacking is due to criminal behavior. These are targeted breaches by highly organized crime syndicates mounting the attacks (usually a malicious insider) which benefit from exposing or collecting sensitive data.
Here are just a few of the major data breaches and phishing attacks that have happened in 2018 thus far:
- A ransomware attack on Missouri Health system causes emergency and stroke patients to be diverted to another hospital for care.
- Hackers get access to Manitowoc County’s medical records via an employee’s email.
- A healthcare billing service based in Albany, New York, Med Associates was hacked accessing 270,000 patient records.
Though criminal behavior dominates the hacking problem, employees often mishandle patients' data as well. Many companies are not even aware of how often medical identity theft is occurring in their organizations, and offer no recourse to the affected parties. Most organizations also don’t have the personnel or budgets to manage security breaches of this magnitude.
Ransomeware is just one aspect of this growing problem. Data held hostage by malware attacks means that companies which store personally identifiable information (PII) have no way to protect private data. This is just one tiny facet of a growing problem.
One solution to this massive data hacking problem may be found in blockchain technology. This is a public ledger that authenticates every transaction which is open for verification via a distributed ledger. It offers a chance to fill gaps in current cybersecurity protocols which would force permission for data access, and only offers the minimum amount of information needed at each juncture to keep private data private.
For example, Patient A needs to transfer his medical information from a primary care physician to a specialist who also then needs to share some of that information with the hospital’s billing service where her office is located. Traditionally this offers 3 or more entry-points for cyber hacking. With the blockchain, all of Patient A’s information can be set up as a smart contract which they then allow to be released on an as-needed basis.
When Patient A needs to fill a prescription recommended by the specialist, only the absolutely necessary information is shared via an encrypted, immutable record on the blockchain, and not a sliver more. Blockchain would allow the protection of privacy while also releasing pertinent information when it is needed.
One thing is certain: the healthcare industry cannot afford to simply turn the other cheek. When more than 90 percent of healthcare companies experience a data breach in a single year, data security must become a primary concern for all organizations, with a concerted effort to adapt new technologies which will make data hacking less likely to occur. Hacking attempts will only grow more sophisticated and prevalent. Therefore, new solutions must be explored and implemented as quickly as possible.