It is all too easy to find a professional field at risk for a cyber security incident these days. One thread getting pulled throughout 2015 is the healthcare industry, and that proverbial sweater is in danger of unraveling. We have seen several headlines pop up this year, which should have turned heads and ignited a fire under the IT security teams responsible for securing private health information (PHI) and other sensitive data. With millions being affected, alarm bells are going off now. The reported numbers are staggering in their scope.
- CareFirst : 1.1 Million [1]
- Medical Informatics Engineering: 3.9 Million [2]
- UCLA Health System: 4.5 Million [3]
- Excellus: 10 Million [4]
- Anthem: 78.8 Million
We at Cimcor may have cherry-picked these companies for their wide-reaching implications, but how will healthcare providers respond and combat the threats to their IT systems and data? For every case that reaches into 7 figures and beyond there are dozens of smaller incidents that are compromising data and putting people at risk. A risk that no organization can truly afford.
2015 has seen 224 incidents in the healthcare industry alone (as of this writing) according to the U.S. Department of Health & Human Services [6]. These are just the ones that involve 500 or more individuals. How many others are not being found and reported?
To say the healthcare industry is in peril is an understatement. Unless stronger measures are taken quickly to secure data and monitor the systems they reside on, they may only get worse. Has your organization stepped up its efforts in the wake of these record-breaking breaches? What measures have you taken? Maybe these are the right questions. Perhaps the better question to ask is, why is healthcare so far behind?
For every headlining, record-breaking mega-breach there are scores of smaller breaches that when tallied number in the thousands of records compromised each year. The digitization of electronic health records (EHR) has made hospital and private practices a larger target than ever before.
Will your company become another data point on the Department of Health & Human Services list? You can easily monitor your infrastructure and data for changes and unauthorized activity. Download our HIPAA solution brief today.
[3] http://money.cnn.com/2015/07/17/technology/ucla-health-hack/
[4] https://www.reuters.com/article/ctech-us-excellus-cyberattack-idCAKCN0R92PU20150909
[5] http://www.wsj.com/articles/anthem-hacked-database-included-78-8-million-people-1424807364
