Healthcare technology is growing exponentially as clinicians realize the value of connectivity. But with this advancement comes new opportunities for cybercriminals. In 2017, there was a total of 477 healthcare breaches that impacted approximately 5.6 million patient records.1
On average, the healthcare industry allocates less than 6% of its overall budget to cybersecurity.2 Therefore, cybersecurity education plays a vital role in defending healthcare organizations from experiencing a data breach.
Cybersecurity is defined as the various techniques used to protect information systems from unauthorized users and malicious attacks. Cybersecurity in the healthcare industry is key as sensitive patient health information can be stored on computers and other medical devices.
Medical records can be one-stop shops for cybercriminals as they contain patient health information (PHI) that can’t be deleted or easily changed, making them a valuable target. For example, patient health records can be sold for as much as $363 on the black market which is more than any piece of information from other industries.3 Types of PHI that are valuable to cybercriminals include:
Cybercriminals use a wide variety of different tactics to acquire patient data. As a result, it is important for clinicians to be able to recognize and report threats made against an organization. Here is a list of common tactics employed by cybercriminals to acquire PHI:
Currently, data breaches are costing the U.S. healthcare industry about $6.2 billion per year.5 In addition to the financial impact a data breach has on an organization, it can also result in a multitude of other adverse effects including:5
It’s important for healthcare organizations to implement security measures to safeguard both hardware and software from cybercriminals. Below are some important cybersecurity best practices to help protect your patients and organization:6, 7, 8
Cybersecurity is a growing component of patient safety, and it starts with you. Be sure to check out our helpful infographic that shares key healthcare cybersecurity statistics.
1. Healthcare Informatics. 2017 Breach Report: 477 Breaches, 5.6M Patient Records Affected. https://www.healthcare-informatics.com/news-item/cybersecurity/2017-breach-report-477-breaches-56m-patient-records-affected. Accessed October 9, 2018.
2. CyberPolicy. 4 Healthcare Cybersecurity Stats That'll Raise Your Blood Pressure. https://cyberpolicy.com/cybersecurity-education/4-healthcare-cybersecurity-stats-thatll-raise-your-blood-pressure. Accessed October 9, 2018.
3. Arora, Saloni. Hackers Selling Healthcare Data in the Black Market. https://www.linkedin.com/pulse/hackers-selling-healthcare-data-black-market-saloni-arora-. Accessed November 1, 2018.
4. HIPAA Journal. Healthcare Data Breach Statistics. https://www.hipaajournal.com/healthcare-data-breach-statistics/. Accessed November 27, 2018.
5. Ponemon Institute Research Report: Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data. Accessed May 2016.
6. Medical Economics. 10 Ways to Improve Patient Data Security. http://www.medicaleconomics.com/medical-economics-blog/10-ways-improve-patient-data-security. Accessed November 1, 2018.
7. Heimdal Security. 13 Warning Signs that Your Computer is Malware-Infected [Updated 2018]. https://heimdalsecurity.com/blog/warning-signs-operating-system-infected-malware/. Accessed November 1, 2018.
8. American Medical Association. Checklist for Office Computers. https://www.ama-assn.org/sites/default/files/media-browser/public/government/advocacy/computer-security-checklist.pdf. Accessed November 1, 2018.