Last Updated on April 11, 2024 by Deepanshu Sharma
2017 saw an average of at least one healthcare data breach per day, according to a report published by Protenus. But what is it about healthcare information that makes it so alluring? Let’s take a look…
1. Patient information is very valuable
As they say, “data is the new oil”, and hospitals are sitting on large amounts of it. They store vast numbers of medical records, social security numbers, credit card details, and so on. Hackers seek to steal this information either to sell it on the black market or to use it themselves to apply for credit cards or loans, or to commit any other type of fraud.
2. Healthcare has a broad attack surface
Hospitals make use of a variety of equipment and devices, such as dialysis machines, heart monitors, digital pacemakers, and various mobile applications. The number of apps and devices used by hospitals makes it difficult for them to ensure that the data doesn’t end up in the wrong hands. To make matters worse, a lot of this information needs to be open, shareable and accessible – often remotely.
3. Hospitals use outdated technology and legacy systems
According to a report published by Duo.com, of the 82% of healthcare organizations that are using Windows, 76% are still using Windows 7 – an operating system that is “so outdated that patches can’t keep it secure”. One of the main reasons why healthcare organisations are failing to keep their systems up-to-date is the fear that an upgrade would result in a disruption of service.
4. Limited training opportunities
Healthcare staff are not cyber-security professionals. They need to be trained in order to be able to identify security threats such as phishing and social engineering. Of course, this is easier said than done when you are operating on a limited budget, with little free time on your hands.
5. Healthcare cyber-attacks can cause chaos
Healthcare is recognized as “national critical infrastructure”. This makes it an ideal target for malicious foreign entities looking to create disruption.
6. The digitization of health records
There are obvious advantages of electronic health records. They enable hospitals to provide more accurate and up-to-date information about patients, and do so in a fast, coordinated and efficient manner. They make it easier to share information with patients and other practitioners, and document the progress of treatments and practices. However, the digitization of health records comes at a cost to security, in that they are much easier for hackers to steal.
7. Ransomware is more profitable when lives are at stake
Ransomware attacks are pointless if nobody is willing to pay the ransom. However, in a life-or-death situation, hospitals may be left with no choice but to pay, should they get infected.
How can healthcare service providers better protect their data?
Many healthcare service providers have their backs against the wall. In an ideal world they would have regular staff training sessions to help them to identify security threats, choose a secure password, and ensure that they are familiar with the applicable regulations. Everything would be patched and up-to-date, portable devices would be encrypted, and wireless networks would be secured. They would only store data that is absolutely necessary, third parties would be adequately vetted, and they would have a data breach response plan in place. But of course, they can only do what they can do with the resources available to them.
That said, it should be noted that “58% of Healthcare PHI Data Breaches Caused by Insiders”. In that case, the best thing they can do is prioritise. There are a number of affordable and sophisticated auditing tools on the market which are designed to help spot insider threats. They can help maintain least privilege access, detect suspicious file and folder activity, manage inactive user accounts, and help to ensure passwords are rotated regularly. Additionally, some solutions are capable of “threshold alerting” – an invaluable feature which can be used to help prevent the spread of ransomware, should a system become infected.
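To make “threshold alerting” concrete, the following added example (not taken from any product or from the original article) counts write-type file events per user in a sliding time window and raises one alert when the count reaches a limit. The event format, account names, paths, the limit of 10 and the 5-second window are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WATCHED = {"modify", "rename", "delete"}  # write-type actions; reads are ignored

def sample_events():
    """Constructed audit events: (timestamp, user, action, path)."""
    t0 = datetime(2024, 1, 1, 9, 0, 0)
    events = []
    for i in range(6):   # normal use: one edit every two minutes
        events.append((t0 + timedelta(minutes=2 * i),
                       "nurse01", "modify", f"/records/p{i}.doc"))
    for i in range(30):  # heavy reading, which must not count toward the threshold
        events.append((t0 + timedelta(milliseconds=100 * i),
                       "dr_lee", "read", f"/records/p{i}.doc"))
    for i in range(20):  # burst of renames 200 ms apart, as bulk encryption would produce
        events.append((t0 + timedelta(minutes=5, milliseconds=200 * i),
                       "svc_scan", "rename", f"/records/p{i}.doc.locked"))
    return events

def threshold_alerts(events, limit=10, window=timedelta(seconds=5)):
    """Return one (user, time, count) alert per user whose write-type
    events reach `limit` within a sliding `window`."""
    recent = defaultdict(deque)   # user -> timestamps still inside the window
    alerted = set()
    alerts = []
    for ts, user, action, _path in sorted(events, key=lambda e: e[0]):
        if action not in WATCHED:
            continue
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window:  # drop events that fell out of the window
            q.popleft()
        if len(q) >= limit and user not in alerted:
            alerted.add(user)      # alert once; a response hook would go here
            alerts.append((user, ts, len(q)))
    return alerts

if __name__ == "__main__":
    for user, ts, count in threshold_alerts(sample_events()):
        print(f"ALERT {ts.isoformat()} {user}: {count} file changes within 5s")
```

In practice the alert would be wired to a response such as disabling the account or isolating the host, and the limit would be tuned against each environment's normal activity.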