Disclaimer: The views and opinions expressed in this blog are those of the author(s) and may not reflect the official policy or position of Excelsior College. Excelsior makes no claim regarding the suitability of the content for all audiences.
It’s fair to say that there is not a single industry that can afford to ignore cyber security. Over the past few years, cyber crime has become more common, more damaging and more difficult to combat for organizations of all kinds.
That being said, it’s also true that certain sectors must be far more vigilant when it comes to cyber safety. And few sectors are as frequently targeted as health care. Hospitals, doctors’ offices and other care providers are now collecting a tremendous amount of sensitive information that cyber criminals are eager to steal and use for illicit purposes. In many cases, these threats are evolving and expanding faster than health care organizations can respond. This suggests that the sector as a whole needs to make cyber security a high-level priority as soon as possible.
2015 has already demonstrated the severity of this issue. Most notably, health insurance firm Anthem was struck by a cyber attack in February, revealing as many as 80 million records. As The New York Times reported at the time, many cyber security professionals predicted that this was not an isolated incident. On the contrary, these professionals believed that more health care organizations would be targeted by hackers in the future, thanks to the growing value of health care data on the black market.
Sure enough, Premera Blue Cross suffered its own data breach in March, resulting in the exposure of 11 million former and current patients’ records.
“A record containing personal health information, can sell for $20 on the black market.”
Writing for the Houston Chronicle, cyber security expert Sharone Tobias reported that a hacker can expect to sell a stolen credit card number for somewhere around $1 or $2. A record containing personal health information, on the other hand, can sell for upwards of $20 on the black market. A complete medical record accompanied by the individual’s Social Security number may be worth as much as $300 for these cyber criminals.
Making matters worse, Tobias noted that hospitals now present more potential entry points for cyber attackers than ever before. Conference call systems, ultrasound machines and a wide range of other devices can potentially provide access for hackers to infiltrate health care providers’ networks and all of the sensitive information they contain.
Cyber security needs
Organizations in the health care sector will inevitably see their data creation and collection efforts accelerate in the coming years, thanks to growing numbers of patients and more sophisticated machines and other devices. Naturally enough, cyber threats will continue to increase, as well.
The only way that health care providers can continue to earn patients’ trust while providing top-quality service is by significantly increasing their focus on cyber security. Hospitals, clinics and doctors’ offices will need to not only embrace superior cyber safety tools, but also bring more cyber security experts on staff. Such professionals will be essential for developing protected networks that can withstand the barrage of cyber attacks that each care provider will inevitably face in the coming months and years.