03 Apr Update on cybersecurity in healthcare
Healthcare cybersecurity has been a hot-button topic lately, and in light of recent events in the industry, it will probably remain an important subject for years to come.
According to HealthITSecurity, for instance, a recent forum on cybersecurity in hospitals featured information from several leading healthcare organizations, including HIMSS, CHIME and AEHIS. At the forum, the senior vice president and CIO of Boston Children’s Hospital, Daniel Nigrin, spoke about the importance of implementing the proper cybersecurity measures to ensure that important patient and hospital data doesn’t fall into the wrong hands.
“In 2016, healthcare organizations were subjected to twice as many data breaches as in 2015.”
When it’s bad…
Nigrin referenced an incident that had occurred at the Boston Children’s Hospital in 2014, wherein hackers were able to access IP address information for the hospital’s web server and subsequently posted them on the internet. During this incident, the hackers didn’t gain control of any patient information, but the hospital had to shut down some of its web pages, leaving some patients and medical personnel unable to log into accounts and view information.
A report by Protenus found that the number of patient records compromised in 2016 was drastically lower than that from 2015, as 27.3 million records were illegitimately accessed as opposed to 113 million the previous year, according to SC Media online editor Doug Olenick. However, healthcare organizations were subjected to twice as many data breaches, and the difference between 2015 and 2016 isn’t actually that large at all once one event – the Anthem breach of 2015 that impacted 80 million records – is taken out of the equation.
“While it may seem that there is a significant drop between the total patient records affected by health data breaches from 2015 to 2016, most of that difference is attributable to a single event,” Protenus CEO Robert Lord said to Olenick. “Anthem was the largest health data breach of 2015, affecting 80 million patient records. Once this single breach is removed, the side-by-side comparison between 2015 and 2016 isn’t drastically different, 33 million versus 27 million, respectively.”
Solution: More cybersecurity spending
Beta News contributor Ian Barker reported in February 2017 that in response to the growing number of data breaches – and the steadily rising price tag for each of these incidents – hospitals are increasing their budgets for cybersecurity in 2017. In fact, 81 percent of U.S. healthcare organizations and 76 percent of companies around the world will be spending more on security this year, according to a study from Thales e-Security.
Because the nature of healthcare data is so sensitive, organizations need to ensure that they’re doing what they can to prevent data breaches – for the sake of their patients’ privacy as well as the monetary loss that occurs in situations like the ones experienced by Anthem and Boston Children’s Hospital. Especially as technologies like the Internet of Things and the cloud become more commonplace in the healthcare industry, organizations need to devise ways to effectively safeguard patient information.
The HealthITSecurity article pointed out that in order to deal with the increasing risks presented to healthcare organizations, many experts are advocating for comprehensive security plans and employee education as key aspects of a successful data management strategy.
Get in touch with the cybersecurity experts at Pinnacle today for more information about how our solutions – from trusted partners like Commvault, Zerto and RSA – can help your healthcare organization improve your network security and prevent data breaches down the road.