Healthcare data breaches are nothing new, especially in the U.S. Even before the pandemic, data breaches were common among hospitals, and why wouldn’t they be? With hackers selling one stolen medical record for up to $1000, medical records can be a lucrative business. However, since the pandemic, data breaches have become significantly more common. But there are some factors to consider in this context. For instance, because of the pandemic, healthcare providers understandably had a lot on their hands — a surge of COVID-19 patients, adapting to the rapidly changing environment, setting up virtual healthcare, and so on. Hackers took advantage of this situation and focused their attacks on healthcare facilities. Let’s look at the problem, explore why it is still occurring, and determine how the protection of medical records IS possible with positive patient identification.
Recent data breaches show the importance of protecting medical records
Cyberattack forces a hospital to go back to analog methods!
That’s not a piece of news we hear every day, is it? Well, the information of a whopping 1.4 million patients was exposed due to an incident back in June at St. Joseph’s/Candler. After detecting suspicious activity, the health system decided to shut down the IT systems, using paper documentation to mitigate the effects of the attack. However, things are better now, as their IT systems have been mostly restored.
Information of more than 637,000 patients exposed
The attack led to unauthorized individual(s) accessing New Mexico Health’s network, compromising information for more than 637,000 patients. Names, addresses, birthdates, health insurance information, medical record numbers, were among the data accessed by the unauthorized party. The health system has been providing complimentary services to the affected patients after notifying them of the attack.
All of this goes to show how important the protection of medical records is, especially if hospitals want to avoid huge losses in addition to those caused by the pandemic. Fortunately, RightPatient can prevent fraudsters from tampering with EHRs and even prevent medical identity theft in real-time — more on that later. For now, let’s see why data breaches are still occurring.
Why do hospitals fail with the protection of medical records?
There are quite a few reasons why data breaches still wreak havoc across healthcare facilities.
Firstly, most healthcare facilities have extremely backdated security solutions or very basic (not robust) modern solutions.
Secondly, their IT infrastructure is outdated — and security relies on good IT infrastructure.
Thirdly, most facilities have not updated their systems in view of the recent data breaches. In other words, they don’t learn from the mistakes of others.
There are, however, other external factors that limit the effectiveness of cybersecurity teams. The biggest issue they face is budgetary — generally, cybersecurity receives a very meager portion of the hospital’s budget. Thus, even if they wanted to, they couldn’t ramp up their cybersecurity measures.
Moreover, hackers are coming up with new and innovative ways to steal patient information and disrupt hospital operations. As previously mentioned, hospitals and health systems are prime targets because hackers get significant amounts of money by stealing patient information and selling it on the black market.
All in all, healthcare providers cannot be blamed entirely for becoming targets of data breaches — there are both external and internal forces that make them inevitable.
However, while data breaches are inevitable and seemingly unstoppable, their most common consequence, medical identity theft, IS preventable.
Read the full article along with the sources at Protection of Medical Records is Critical as Data Breaches Appear Unstoppable
Published by Salman Rashid