Health care records contain valuable proprietary information and should ideally be secured. However, recently there have been serious security issues due to the pandemic. The potential for cyberattacks has significantly increased in recent years.
Telemedicine has created new challenges with vastly more opportunities for cyber attackers to gain access to highly sensitive health care data.
An estimated 26 million people have been impacted by compromised medical records, which is a significant increase of over 55% in healthcare-related cyber-attacks in 2020.
Health records are increasingly at risk of being compromised by hackers who seek this type of information because it is highly valuable information. Hackers use medical records to create scammer toolkits and identity theft materials.
The theft of healthcare records is a lucrative business for hackers and fuels a $13.2 billion industry each year, with the average cost per patient record increasing in price to $499 in 2020.
Healthcare Cyber-Attacks in the Spotlight
The Healthcare Breach Report published by Bitglass analyses data and notes several key issues relating to the increasing number of cyber-attacks in the healthcare sector in recent years. The coronavirus epidemic further worsened the situation as more workers began to work remotely, which allowed for cloud-based services, internal networks, and home computers.
Hacking in the U.S. healthcare industry went from approximately 386 two years ago to 599 last year, an increase of 55.1% in security breaches. IT issues, and hacking caused the vast majority of these security breaches. Most of these healthcare cyber-attacks result in the theft of patient data.
Some estimates put approximately 26 million patient records at risk of data exposure from unauthorized users in the United States alone, and the majority are due to hacking and cyber-attacks.
In 2014, medical records were more secure, with physical theft being the main cause of concern. When healthcare companies brought them online around 2018, healthcare cyber-attacks began to increase exponentially. Some factors that make these records easier to steal include access to internet-based sharing services and cloud storage options.
Some of the top states to suffer in terms of healthcare cybersecurity include Michigan, in which hackers breached two hospitals’ patient records. There were only four states last year that have not suffered from security breaches in the healthcare industry. These states are Vermont, South Dakota, Missouri, and Wyoming.
Due to the increased demand for better cybersecurity in healthcare, related expenses have skyrocketed and are among the most expensive of all different sectors. Another factor is the time it takes to recover data due to security breaches. It can take up to eight months to recover medical records and up to three months to identify the damage in the systems.
Increase in Healthcare Cyber-Attacks
What has happened to cybersecurity in healthcare that has caused so many online attacks? Much of the blame goes to the irresponsible handling of patient records online. Digital medical records and the use of cloud services can cause many issues and vulnerabilities in systems. There is also the risk of hacking when legacy systems are still in place to handle these sensitive materials. More modern cybersecurity systems should be available to secure healthcare data.
Some medical software systems like those for radiological imaging are older, and some are outdated. Hackers find these systems simple to break into without passwords granting themselves administrative access and privileges.
The U.S. government has recently stepped in to acknowledge the security failure so prominent in securing medical records. They have put in place severe fines for companies not adhering to the HIPAA guidelines, practices, and procedures.
Some of the health companies fined include Community Health Systems, which had a security breach involving over 6 million patient records. They were fined $2.3 million for failing to adhere to risk management and access control policies.
Many healthcare providers are preventing medical identity theft and mitigating associated costs using innovative solutions – one of which is RightPatient. A touchless biometric patient identification solution in nature, RightPatient can be used across the care continuum, meaning that it is feasible for verifying patients’ identities during telehealth visits. It ensures that patients are who they say they are and not fraudsters – preventing medical identity theft in real-time. Not only does it prevent medical identity theft, but it also enhances patient safety, as it ensures patient records are protected from being tampered with.