Only 10% of Hospitals & Clinics Keep Their Patients’ Data Safe
Startling Findings and Educates Healthcare Providers on Solutions
This is a startling fact that has many people questioning the data security practices of hospitals and clinics everywhere. According to privacy researchers at the Ponemon Institute, “Recent numbers show 90% of health care organizations have exposed their patients’ data — or had it stolen — in 2012 and 2013.” The implications of this research are far-reaching and unsettling for most consumers. However, unified communications and IT security providers, like Net Activity, have devised many solutions to help curtail this epidemic.
Most attacks are the caused by hackers who want to acquire medical records due to their extreme value. The information in medical records (name, birth date, addresses, phone numbers, medical history and social security numbers), can be easily used for identity theft, fraudulent medical billing or acquiring prescriptions to resell on the street. Hackers can use the medical information to accomplish just about anything once acquired. This flaw in IT security is not a series of isolated incidents but an incredibly widespread problem now affecting millions of people across the nation.
In August, Community Health Systems reported that Chinese hackers had allegedly stolen a staggering 4.5 million patient records in what could be the largest breach of patient data to date. The company is treating the breach as a violation of HIPPA, even though the hackers didn’t gain access to medical records (only names, addresses, birth dates, phone numbers, and Social Security numbers were stolen). The breach happened between April and June this year, and was discovered in July. According to cyber-security firm Mandiant, which helped investigate the breach, the group responsible for the attack is known as “APT 18,” and may have links to the Chinese government.
The majority of hospitals and health organizations are using outdated technology on a single network making the job of hacking into networks even easier for criminals. IT security is often a large oversight for healthcare organizations because their objective is to save lives. Unfortunately, lack of internal IT expertise and outdated technology plagues the healthcare industry making it an easy target.
The challenge here is that doctors are inherently more interested in saving lives, instead of upgrading their IT security. This a great thing for society and we believe that’s exactly what doctors should be focused on! The only thing is that IT security must be addressed too. Over the years, we’ve learned exactly what it takes to protect health organizations and we love being a part of the solution to this problem. It’s unfortunate when something like this happens but it brings much needed education to the issues at hand. It is Managed IT Service Provider’s duty to educate the small businesses and provide doctors with the technology tools they need to do their jobs, protect their patients and spend their time focused on saving lives, instead of firewalls.