Since 2020, approximately 113 million people have been impacted by healthcare data breaches. These hackers are costing health organizations millions of dollars and threatening the safety of patients. However, unauthorized access is causing more than just identity fraud. The Ponemon Institute—a cybersecurity company—discovered that one in four breaches delays the care of patients, increasing mortality as a result.
These numbers sound mind-boggling and hard to accept, but they’re very much real. Here’s an overview of healthcare data breaches and the problems organizations are facing.
An Overview of Data Breaches in the Healthcare Industry
Healthcare data breaches have been happening for a long time. In January of 2018, Hancock Health of Indiana experienced a serious ransomware attack that forced their entire network to shut down. However, it wasn’t caused by a single sketchy email but a calculated and planned assault on their system. Not only did the hacker hold a $55,000 ransom for the compromised patient data, but—even worse—they demanded Hancock make the payment using cryptocurrency.
Unfortunately, the Hancock incident is far from the only serious breach to happen in recent years—and they’re becoming more frequent as time passes. In 2020 alone, healthcare data breaches increased by more than 50%. The surge of patients because of the Covid-19 pandemic resulted in an abundance of electronic patient data, making hospitals a juicy target for malicious hackers. According to the US HSS, there have been around two breaches reported daily in 2021, and 723 breaches have been documented between March 2021 and February of the next year.
Another major breach happened this past year in April. Hackers stole medical billing records from a whopping one million New York patients—that’s about an eighth of the city’s total population. These hackers stole information regarding their date of treatment, home address, and names. The breach affected physical therapists, gynecologists, and other medical professionals. To make matters worse, it took months to identify which patient accounts had been accessed.
Why Are Hospitals Targeted?
So, why would hackers value medical records and data? Wouldn’t financial and banking information be more profitable to them? Well, not exactly. Healthcare data has records of several different aspects of a person’s identity rather than a single morsel of info. As a result, patient data is valued higher on black markets than financial information. According to a report, a healthcare record can be valued at about 250 dollars.
Another complication that healthcare organizations face is the US HHS itself. While the United States Department of Health and Human Services is responsible for helping hospitals defend against breaches, they’re also in charge of enforcing HIPAA security rules. The HHS needs to work together with victims to report data breaches—but who would want to admit to a HIPAA violation? Out of fear of paying expensive HIPAA fines, healthcare organizations may be hesitant to report breaches, causing an estranged relationship.
MedTrainer Can Help
Because healthcare facilities have started to use technology to share and store protected health information, having reliable safeguards in place is becoming more important than ever. The right software can act as a lock to keep hackers out of an organization’s data. That’s why it’s critical for healthcare facilities to take the right steps in securing patient data and other information.
MedTrainer’s all-in-one software comes with many tools to help your organization remain compliant. We have HIPAA compliance programs, a secure cloud-based storage system, planning tools so you’ll know how to respond to a breach, and much more.
For more information on our healthcare compliance tools and resources for compliance officers, reach out to MedTrainer today to schedule a demo.