According to a report on Health Data Management the 2016 IBM X-Force Cyber Security Intelligence Index, the healthcare sector has just moved into first position in the list of industry most threatened by cyberhacking.
The same report said that there had been 100 million health records compromised.
Experts believe that one key driver behind the rise is the value of medical records. This rings up as 10 times the value of a stolen credit card.
In spite of widespread efforts healthcare is lagging
notoriously in comparison with sectors like finance when it comes to security
against cyber attacks. Expense and fast-evolving threats as hackers wisen up to
security weaknesses are making protecting health data increasingly tough.
Prevention is better than the cure and facilities that think ahead in order to protect data will be better placed to respond swiftly and effectively to threats.
The main threats facing healthcare are:
- Malware, software intended to damage or disable computers and computer systems. One-way malware infiltrates HIT is through staff email so careful training of individuals to identify suspicious communication is necessary;
- Ransomware, a type of malware that infiltrates and threatens damages to an IT system unless ransom is paid. Owing to time sensitivity and need of data, many healthcare facilities will pay the ransom rather than wait it out while trying to recover data;
- Date migration, on the rise as more organisations share increasingly digitised patient data. This improves workflow and communication but also increases data vulnerabilities. It is essential that third parties have thorough security in place and date transfer methods are fully encrypted;
- Cloud Computing is a growing method of sharing information amongst healthcare organisations. It can be efficient but it is also risky as some cloud services have been found to have cybersecurity vulnerabilities.
Healthcare data breaches are potentially costly and, in a worst-case
scenario, life-threatening. To mitigate the threat, organisations should:
- Keep systems as up to date as possible;
- Train users about risks;
- Undertake routine security assessments to pinpoint vulnerabilities;
- Keep up to speed on industry trends in cyber issues.
Source: Health Data Management
Image Credit: Pixabay