It’s a fact: Cyber criminals target organizations that house sensitive, personal data about consumers, and nowhere is that data more prevalent than the stored files of healthcare providers.
Patients are required to share a wealth of information, from social security numbers to credit card information for payments. But healthcare providers also request and store insurance information, which according to a recent report in The Washington Post, may be more valuable to cyber thieves.
Health insurance data can be sold at a premium on the black market to facilitate medical fraud, such as an individual receiving medical care or ordering pricey medical equipment. That type of illegal use often isn’t detected as quickly as fraudulent access to a bank account or use of a stolen credit card.
Worse, cyber intrusion into healthcare data can create a situation where vital, even life-and-death information, can be held hostage. The software even has a name: ransomware. Once the malicious software has infected a database, it creates encryption that locks legitimate users out of the information and then sends a demand for payoff, often in digital currency such as bitcoin, which is difficult to investigate and track, before providing a digital roadmap for unlocking the encrypted files.
Such scenarios are a worst-case predicament for an industry that has made a concentrated national push to digitize the medical information of patients in every state, per federal law. According to the website Becker’s Health IT & CIO Review, one large Los Angeles-based hospital recently paid the equivalent of $17,000 to regain access to electronic health records that had been compromised by ransomware.
Ransomware isn’t the only threat. Phishing – sending a corrupt link embedded in an email that when clicked provides hackers access to the computer system and files – remains a common ploy. Hackers also have gained leverage in manipulating encrypted web traffic to avoid detection. And even some employees aren’t entirely innocent. Data breaches by a staff member remain something that must be constantly monitored by an organization’s cybersecurity team.
Knowledge, however, is power, and the continual threat of hackers is now front and center on the radar of most healthcare organizations.
According to the website TechRepublic, industry experts predict 2017 may be the year that hackers get more creative. They also believe, however, that providers employ better, more proactive measures to combat and defeat those efforts.
As more companies focus attention and resources on cybersecurity, they may find a common ally in government agencies that utilize high performance computing and adaptive machine learning, which can create a real-time forecasting model to anticipate attacks.
The cost for better protecting sensitive data likely will increase. Experts expect demand for video surveillance also will rise.