My TechDecisions

Compliance, Facility, IT Infrastructure, Network Security, News

Why Healthcare Needs Better Data Security

A staggering 44,993,618 healthcare records were exposed or stolen in 2021, organizations must be more proactive in securing patient data.

Leave a Comment

Jaiz Anuar/stock.adobe.com

As the healthcare industry accelerates into an increasingly digitized world, cyber breaches exposing confidential patient data are becoming more commonplace. In fact, according to the Department of Health and Human Services’ Office for Civil Rights’ breach portal, a staggering 44,993,618 healthcare records were exposed or stolen in 2021.

The implications of these security breaches are significant; they threaten not only health data integrity, but patient confidence in the healthcare system overall. One survey found that about half of consumer respondents were more likely to trust companies that reacted quickly to breaches or disclosed hacks of data to the public.

As a result, healthcare systems and companies becoming more proactive in safeguarding the data of their patients will be vital to the future of healthcare.

The Need to Prioritize Data Security

From patient data becoming more complex to security breaches becoming easier to conduct, it is paramount for healthcare executives to prioritize data security. Healthcare systems and companies possess data with an abundance of details on patients’ protected health history information, personally-identifying information and financial information.

This data alone makes healthcare systems especially susceptible to targeting. Furthermore, cyberattacks have gradually become easier to execute through tools such as malware-as-a-service, botnets and distributed denial of service.

Related: Hacker Used Malware to Delete 69,000 Patient Files at San Juan Regional

The accessibility of malware is only further facilitated by an increase in hospitals’ third-party partnerships, which serve as an additional entry path to data.

Lastly, the aftermath of cyberattacks poses a tremendous financial burden on healthcare systems and organizations. According to IBM Security’s 2020 data breach cost report, the average data breach cost healthcare organizations $7.13 million.

The impact of these breaches also extends to patient care; on average, a data breach at a non-federal acute-care inpatient hospital was associated with an additional 23-36 deaths per 10,000 acute myocardial infarction discharges per year.

Security Strategies to Take into Consideration

Fortunately, there are several measures can consider when implementing a security strategy that will prevent these pernicious attacks.

First, healthcare systems can ensure that their partner third-party healthcare organizations have protective measures against current cyber threats through trusted programs.

AICPA and HITRUST’s collaborative assurance program known as SOC 2 + HITRUST, for example, is a more reliable assessment than compliance with one or the other. Achieving this standard demonstrates an organization’s prioritization of the security, integrity, confidentiality, and privacy of the data it possesses.

Information Security Executives can also work to confirm that information technology suppliers are fully compliant with the HIPAA and HITECH laws, which establish provisions for securing confidential medical information.

Second, many healthcare systems use obsolete software that exacerbate their vulnerabilities to cyberattacks. By adopting and investing in modern Health Information Technology infrastructure, systems can minimize the potential for significant damage.

This also involves implementing more general data security measures, including encryption of all healthcare data stored, data recovery mechanisms, two-factor login authentication, and comprehensive workforce security training programs.

Formulating a complete security incident response plan with steps to identify, stop and evaluate a threat is also imperative to containing an imminent breach.

The Future of Healthcare Depends on Improved Data Security

Admittedly, organizations cannot be 100% protected from security threats. However, by prioritizing modern software and suppliers that share a zeal for information security, health systems can minimize their vulnerability relative to their competitors.

Although this may take a significant investment of resources, these investments also carry a significant ROI in terms of both dollars and improvement of the general public’s trust in healthcare systems.

Brian Foy Chiief Product Officer at Q-CentrixBrian Foy is the Chief Product Officer at Q-Centrix, where he leads the product development and engineering teams, helping hospitals manage people and data to achieve measurable improvement in quality scores.

 

 

 

 

Reader Interactions

Leave a Reply

Your email address will not be published.

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Four IT Trends That Will Define 2023
Expert Series: Four IT Trends That Will Define 2023

Learn about four key technologies we identified as critical to your IT organization’s success in 2023, as well as how to invest in new innovations ...

Harnessing the Power of Digital Signage
Harnessing the Power of Digital Signage

Choosing the best solutions for messaging, branding, and communicating in today’s content-everywhere landscape

Blueprint Series Cover: What works for hybrid work
Blueprint Series: What Works for Hybrid Work

Download this free resource to learn about how IT leaders can effectively manage and implement a hybrid work model.

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ