In the last five years, cyberattacks on healthcare organizations have skyrocketed by 125 percent and 45 percent of healthcare organizations report they have been victims of deliberate cyberattacks, according to a new survey from the Ponemon Institute and ID Experts. The survey also showed that 90 percent of healthcare organizations and 60 percent of claims processors and third-party billers experienced a breach in the past two years.
The Value of Black Market Healthcare Data
Hackers can make up to $70 each for every medical file stolen and resold on the black market, which explains the high motivation behind these attacks. A vast network of online criminal sites makes trading these commodities quick and easy for those who will pay the asking price for stolen digital goods.
Medical records can net a higher profit for cybercriminals than either credit card or bank account numbers, since they include a large amount of sensitive information (like mother’s maiden name or Social Security numbers) that can then be leveraged into bigger payouts.
The cost to healthcare organizations resulting from medical record theft totals $2.1 million on average, which adds up to $6 billion annually throughout the industry. Damages to those consumers directly affected are also significant, and healthcare data breaches can lead to secondary issues that are just as costly, such as insurance fraud.
Protecting Digital Data
These risks have increased in direct correlation with medical providers moving to electronic medical records. The healthcare industry falls far behind other organizations in the private sector in terms of digital record-keeping, citing security concerns as a reason to continue using paper records instead.
This is the modern-day equivalent of insisting on using only a landline or a typewriter despite the many advantages and technological advances of smartphones and laptops. The inherent concern lies not with the technology itself, but rather with the lack of prioritization given to sufficient security measures within the healthcare industry.
Previously, the leading cause of data breaches was lost hardware, but employee negligence is still named as a top concern for 70 percent of organizations polled. This alone points to the reality that the healthcare industry must look inward foremost, and stop dismissing cyberattacks as a statistical improbability.
Written by Dean Van Dyke, Vice President, Business Process Optimization
Dean Van Dyke is the Vice President of Business Process Optimization for iBridge. He brings more than 18 years of customer relations, business process outsourcing, lean six sigma, program/project management, records management, manufacturing, and vendor management experience to iBridge. Mr. Van Dyke was the former head of Microsoft’s corporate records and information management team, and served honorably for over fourteen years in the U.S. Navy and Army National Guard. He received his Bachelor of Science in Business Administration from the University of South Dakota and his Master’s in Business Administration from Colorado Technical University.