There is a false sense of security in the healthcare industry that patient data is not valuable – a who-would-want-it mentality. Find out why this is very wrong and why you should let us assess the security of your health IT system in this blog post.
Medical record data is much more valuable than people think but hospitals have been slow to increase and test their security because of other technology priorities, poorly paid security staff and/or the belief that no one would want the data anyway.
The security of hospital data systems needs to become a much higher priority. Here are just a few reasons:
- Roughly one in 10 people in the U.S. have had their medical records exposed to some sort of security threat. (Politico, 7/2014)
- Medical record data is worth $50 on the black market; more than social security numbers ($3), credit card information ($1.50), date of birth ($3), or mother’s maiden name ($6). (Veriphyr, 12/2011)
- A recent Health Care Info Security article, says a comprehensive medical record might be worth even $1,000.
- The out-of-pocket costs incurred by victims of medical identity theft averages more than $18,000 and a recent HIMSS security survey showed that 12 percent of healthcare organizations have had at least one case of medical identity theft reported by a patient. (Politico, 7/2014)
- Thieves use the medical data to submit false medical claims, buy prescription medication or pay for treatment.
As a result of the increase in security breaches, HHS is increasing their disciplining of medical systems that put patients’ data at risk. Last month, it fined New York Presbyterian Hospital and Columbia University Medical Center a combined $4.8 million for disclosing the personal health information of 6,800 individuals, including patient status, vital signs, medications and laboratory results. (Politico, 7/2014)
How to Prevent Cyber Attacks on Your Healthcare IT System
The Health Care Info Security article mentioned above sites prevention as the most preferable step to deter attacks. At HealthPOINT, we provide network penetration testing and vulnerability assessment services that identify potential network security risks. Additionally, we provide an easy to read report including recommendations to mitigate found vulnerabilities.
For more information about how network penetration testing and vulnerability assessments can help prevent a costly security breach to your organization, sign up for a free consultation with us today.