Security threats are major concerns to healthcare organizations due to the value and vulnerability of clinical data that is being recorded and distributed. The value of the data comes from the fact that it is historical in nature; it directly affects our ability to safely treat patients, it takes a long time to rebuild, and it contains more than just clinical data, but also a lot of personal, financial, and demographic data, which allows it to be used for wider identity theft. It is persistent, whereas you can change credit cards and their passwords, PINs and account numbers in the event of a breach, you cannot change your mother's maiden name. The vulnerability comes from the fact that there has been a revolution in healthcare with the interconnection of systems, cloud computing, Internet of Health Things (IoHT) and mobile devices and the changes in working practices of clinicians, such as remote monitoring, telemedicine, and working from home. This revolution has not always been matched with the security awareness, policies, practices, and budgets of health care organizations.
When it comes to protecting patient information and proprietary medical research, the healthcare industry faces significant cybersecurity challenges every day. The adoption of new medical technology--including electronic health records (EHRs), online patient portals, connected devices and wearables--offers improved patient care and convenience. However, it also creates greater opportunity for attack. Of all the industries affected by advances in cybercrime techniques, healthcare providers continue to be at high risk. That's because providers not only store personal and financial data that's extremely valuable to criminals, but their network systems are also very sensitive to interruptions.
I know how terrible healthcare records theft can be. I myself have been the victim of a data theft by hackers who stole my deceased father's medical files, running up more than $300,000 in false charges. I am still disputing on-going bills that have been accruing for the last 15 years. This event led me on the path to finding a solution so others would not suffer the consequences that I continue to be impacted by, but hospitals and other healthcare providers must be willing to make the change. The writing is on the wall.
These benefits will only grow as technical advancements continue in healthcare. For example, in a Q&A following his HIMSS keynote, Eric Schmidt of Google spoke of the critical role EHR adoption has played in the centralization of patient data, which will make the use of technologies such as artificial intelligence and machine learning possible in the healthcare space. Today, more than 95% of hospitals are using EHRs, and 38% of hospital chief information officers cite EHR integration with other systems as a top priority. READ: WannaCry, NotPetya, and Cyberwarfare's Threat to Healthcare The trick for healthcare providers and other entities covered by the Health Insurance Portability and Accountability Act (HIPAA) is to ensure that, as these records become more widely used, shared, and interoperable, there are sufficient security controls in place to ensure compliance and patient privacy. This is especially true as new initiatives surface to make data more accessible to patients.
Original article As Halloween approaches, the usual spate of horror movies will intrigue audiences across the US, replete with slashers named Jason or Freddie running amuck in the corridors of all-too-easily accessible hospitals. They grab a hospital gown and the zombies fit right in. While this is just a movie you can turn off, the real horror of patient data theft can follow you. Unfortunately, this scenario is similar to how data thefts often occur at medical facilities. In 2015, the healthcare industry was one of the top three industries hit with serious data breaches and major attacks, along with government and manufacturers.