If you had to take a guess at which business segment faces the most cybersecurity breaches, what are the odds that you would say healthcare? It’s probably not your first choice, but the healthcare sector experiences data breaches more than any other market segment.
Healthcare institutions are in possession of very sensitive and detailed data on its customers, including medical or even life insurance information. This makes them a favored target for hackers.
The information gained from a breach can be worth millions. Whether it may be sold, used as blackmail, or even used to send fraudulent bills to patients in the organization’s name. Not to mention that the data can be used for identity theft to open credit cards, loans, and tax fraud.
The Digitalization of Healthcare
The medical field only recently moved on from the physical to the digital sphere, and their approach to security is often far too outdated for the modern hacker. Furthermore, medical information has to be accessed by many different people across the chain of service, from nurses to doctors and even cooks who prepare the patient’s meal. It’s a well known fact that the human factor poses the biggest threat in the world of security. That means; the more people handling the information, the greater the risk.
This adds more serious worries to data breaches. If hackers can access the system and alter medicine dosage, care information or even allergies, the results can be fatal.
Another aspect, often forgotten when speaking about healthcare, are the medtech companies. Newcomers like Kry, Min Doktor and others run an even greater risk of data breaches than the traditional doctors office. Also, the effects of an attack can be even more serious. Especially since the whole business is placed online and really can’t afford even a minute of downtime.
Between 2009 and 2018, 2,546 healthcare data breaches have occured. To put that into perspective, a healthcare security breach is now a daily event. Patients’ personal health records are being stolen each and every day.
Unfortunately, the rate of this crisis is only accelerating. In 2017 alone, we witnessed over 5 million patient records stolen. A shocking figure for sure, but it gets more astounding when you learn that 2018 saw three times as many personal health records stolen.
This not only puts the patients at risk, but can also be extremely expensive. Breaches in 2019 alone cost a shocking amount of $4 billion.
So what’s to be done about it? The answer is straightforward, but not easy to execute.
Most security breaches are a result of hacking, stolen medical devices, and unauthorized internal access. What this tells us is that healthcare organizations need to spend more on cyber security. From encryption and better training of employees to the hiring of more security professionals. Solutions exist, they just need to be acknowledged, prioritised and carried out. Encryption can deter hackers and make it a lot harder for lost devices to be compromised.
Employees who take cyber security seriously and know just how damaging a breach can be to both patients and the organization, may be more careful when handling private data. And while cybersecurity experts may be expensive to train and compensate, an actual breach is guaranteed to come at a much higher cost.
The issue of cyber security in healthcare is not radically different from any other, but it is more acute. Healthcare organizations need to start acting out in the face of this security crisis, if not for their profits then for the patients. Good security solutions exist, they just need to be put in place. After all, healthcare should know it more than anyone: prevention beats a cure.
Speaking of prevention… Most companies today use open source code; the healthcare segment is no exception. Check out what Debricked can do for you to make sure that you develop secure software and keep your customers and company safe.