The healthcare industry just keeps getting hammered by cybercriminals in 2016. The reality for healthcare organizations is that cyber attacks are now part of their everyday business and that the best option is to improve their cyber defenses in order to better protect themselves.
According to the third annual Experian 2016 Data Breach Industry Forecast report, 91% of all healthcare organizations reported at least one data breach in the last two years. What makes them such prime targets is the price of the valuable information they have. According to this same report, “medical records are worth up to 10 times more than credit card numbers on the black market.”
According to an article in HIPAA Journal, “142 healthcare data breaches involving more than 500 records have been reported to the Department of Health and Human Services’ Office for Civil Rights so far in 2016. During the same period in 2015, 143 data breaches were reported.”
The following list is from the same HIPAA Journal article that states how healthcare records are being exposed as well as the number of records that were stolen:
How the hacks are happening:
- 48 data breaches were reported as unauthorized access
- 43 data breaches were attributed to hacking or network server incidents
- 37 breaches were caused by the loss or theft of devices used to store ePHI or the loss/theft of physical records
- 4 breaches were due to the improper disposal of records
Number of records stolen:
- 60% were due to hacking (2,703,961 records)
- 78% were due to loss/theft (1,342,125 records)
- 6% were the result of unauthorized access or disclosure (342,748 records)
- 63% were the result of improper disposal (118,594 records)
Protenus has launched its new monthly Healthcare Breach Barometer that compiles data by DataBreaches.net. The Healthcare Breach Barometer is a monthly snapshot of reported or disclosed breaches impacting the healthcare industry and includes data from HHS. According to this source, the total number of records exposed in June alone rose to 11,061,649 patient records, which makes June the worst month for healthcare information security in 2016. So what can IT security professionals in this industry do?
Healthcare IT organizations that were previously understaffed, underbudgeted, and overwhelmed are finding that EiQ’s hybrid security as a service that combines the best people, process, and technology are a welcome change from going it alone or using cumbersome products and services. EiQ is transforming how mid-market organizations build enterprise-class security programs. Acting as an extension of our customers’ IT teams, EiQ’s SOCVue provides continuous security operations based on best-of-breed technology at a fraction of the cost of alternate solutions. EiQ is a trusted advisor to organizations that need to improve their IT security and compliance posture by protecting their infrastructure against cyber threats and vulnerabilities.
Find Out What Vulnerabilities Lurk in Your Organization
If you have ever wondered what software flaws and vulnerabilities are hiding in your network, now is the time to find out. For a limited time only, EiQ Networks will offer a FREE scan of up to 10 external IP addresses to identify vulnerabilities. You’ll receive an in-depth report that identifies:
- The number of vulnerabilities detected and their severity level
- The number of assets affected and which ones they are
- A detailed description of the threat, its impact, and remediation guidance