Man, hospitals and the healthcare industry just can’t catch a break. Earlier this week we told you about Community Health Systems and their data breach of 4.5 million patients—yikes. Well, it doesn’t get any better because a new report is out that says that 90% of health care systems have patient data that’s either been lost or stolen in the past two years. Chances are, if you’ve been in a hospital the past few years that some weirdo in his parents’ basement knows you have a bad skin rash on your left butt cheek.
90% is a crazy amount, and that’s from ALL hospitals. Community Health Systems lost 4.5 million in patient data alone, so imagine the rest of the health care organizations around the nation losing a similar amount.
It seems like health care patient data would be useless, but it fetches a pretty penny in the darker corners of the Internet. Going for around $50 a pop compared to the $1 market price for credit card information, people who are fond of scams and identity theft use the medical data for insurance fraud, prescriptions, and other nefarious activities.
Dude, the healthcare sector faces far more data breaches than both the military and banking industries combined, so clearly hackers are far more concerned with getting their pill fix than piloting a nuclear missile or messing with my Bank of America account.
The reason for the breaches in the health care sector is because it’s easy to do. In case you weren’t aware, a hospital’s primary focus is on helping sick people, and not on whether you set up a firewall properly or encrypted your data. Who knew? (Everyone. Everyone knows that).
The other problem is that the Health Insurance Portability and Accountability Act (HIPAA) doesn’t require encryption from physicians and health organizations—it merely requires them to safely store the data. So even if something is behind a firewall on a secure server, hospitals don’t have the data encrypted, and often times they use outdated software in their infrastructures.
With hackers becoming more advanced, more emphasis needs to be placed on securing this data, as it adversely affects the livelihood of the patients whose data was stolen. In this digital age, hospitals have a duty to extend their care beyond just the medical aspect—they have to become more technologically advanced and aware to be able to provide proper and safe care for their patients and their data.
(h/t CNN Money)
For more information contact Albert Ahdoot