Last year, Houston-based software and security company Netiq released a Cyberthreat Defense Report that published alarming statistics on the apparent vulnerabilities in Healthcare IT. Data breaches, compromised patient information, medical identity theft, and gaping holes in Cloud infrastructure are among the top contenders for worst offenses. Now, a year later, the statistics are rising, and not in our favor. What’s even more distressing is that many of these cybersecurity threats are preventable, and are facilitated by careless employees, lax security, or an unwillingness to update security measures.
Cloud-based services are used by a reported 91% of healthcare practices. Cloud based services may be the golden standard for mass storage and integration – but in order to fully utilize the cloud, providers must understand that additional security measures must be taken in order to maintain the integrity of the stored information. Securing provider servers is detrimental to the safety of PHI. 47% of Cloud users are not confident in the security of their Cloud data. Keeping this statistic in mind, are you among that 47%? What measures can you take to educate yourself and strengthen the walls between hackers and private information? Utilize a reputable IT security company and stay up to date on the latest Healthcare IT threats and developments.
Cloud-security isn’t the only threat to cybersecurity. Every device that is used in a provider office, from office cellphones, to tablets, to laptops and computers needs to be protected. With 17,000 patient records being compromised every day – no one should become complacent with their security measures. If you’re not updating the Anti-Virus software on your devices, you’re opening the window of opportunity for data to be breached. Provider offices, at the very least, should be utilizing Business or Enterprise quality Anti-Virus software for protection. In addition to Anti-Virus software, devices should be encrypted in order to barricade off unauthorized access. 74% of practices are not encrypting mobile devices, which poses a massive threat to patient and practice data. Mobile devices are vulnerable to application usage, multi-user capabilities, ease of physical theft – and lack of password protection. All of these weak-points of access can easily be strengthened, but many practices fail to do so.
Hackers and cybersecurity threats are likely to target every organization at some point in time, which is why consistency and strength of data security are imperative to preventing costly losses of funds and reputation. The incentive is there for hackers to try anything they can to acquire information.
Healthcare data is more valuable than data from any other industry. A single record can sell for upwards of $360 on the black market. Yearly, healthcare data breaches cost a cumulative $5.6 billion.
If you’re not taking advantage of simple, cost effective means of security your data – you’re also responsible for the loss of patient privacy – which is why so many practices lose cases in which data is breached. Cybersecurity threats are rampant, but so are the countermeasures.
The epidemic of cybercrime has become so widespread that many healthcare organizations are now seeking insurance against losses at the hands of cybercrime. Hospitals in particular have proven to be extremely vulnerable, catalyzing the creation and employment of cyber random liability insurance. These policies, to a clearly defined extent, cover data breaches and monetary losses at the hands of such breaches. However; even these coverage plans have a limit – meaning security must remain a priority for all organizations. Hospitals, payer organizations, practices, regulators, and the government are all targets for massive data breaches. Awareness, education, and adaptability are all essentials to ensuring an attempted hack doesn’t turn into executed hack.