While many small businesses mistakenly think they’re immune to data breaches because of their size, and therefore put minimum protection in place, healthcare organizations can't ever risk taking this laissez-faire approach - and they'd be in trouble if they did. After all, there are rules and regulations when it comes to healthcare IT systems, and huge fines if you don't meet certain standards. Health practices are tempting targets for hackers, who appreciate the high cost of patient treatment and the wealth of personal information stored by doctors. This is why malicious attacks are carried out on healthcare centers all the time. Two separate 2015 surveys, performed by the Ponemon Institute and the global corporation KPMG, produced some alarming statistics. Here’s what they discovered.
This survey of 223 chief healthcare executives revealed that 81 percent of healthcare organizations have been breached in the last two years. What may come as even more disturbing news is that 25% of these executives noted that their organizations were attacked anywhere from one to five times a week.
And the organizations which are aware they’re being attacked are actually the lucky ones. According to Greg Bell, KPMG’s leader of the firm’s Cyber Practice, "The experienced hackers that penetrate a vulnerable health care organization like to remain undetected as long as they can before extracting a great deal of content, similar to a blood-sucking insect." That means the longer a cyber attack goes unnoticed, the more damage it can do to your practice.
The survey also revealed the greatest threats facing today’s healthcare organizations by type, according to the respondents:
Released in early 2015, the Ponemon Institute’s Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data may come as even more of a shock than KPMG’s survey. According to this study, 91% of healthcare organizations have experienced at least one data breach in the last two years, 39% have had two to five breaches, and 40% have had more than five.
So what’s the real reason for all these data breaches? The report claims that "cyber criminals recognize two critical facts of the healthcare industry: 1) healthcare organizations manage a treasure trove of financially lucrative personal information and 2) healthcare organizations do not have the resources, processes, and technologies to prevent and detect attacks and adequately protect patient data."
Although the information revealed by these two surveys is anything but positive, that doesn’t mean there’s nothing you can do. To protect your practice, there are five key steps you can take:
These are just the basics of what you should be doing if you run any sort of healthcare center. Protecting the data of your patients, both personal and financial, is of paramount importance; failure to do so will result in fines or, worse still, the loss of your reputation. Delaney Computer Services, Inc. has years of experience in designing, deploying and maintaining IT services and solutions tailored for the healthcare industry. To learn more about how you can protect the data of your healthcare practice, get in touch with us today.