While many industry sectors completed their digital transition slowly, the healthcare sector changed rapidly and often with little preparation, leaving crucial computer networks open to hackers.
Just 9.4% of hospitals used electronic health records (EHRs) in 2008, but six years later, 75.5% of facilities had adopted at least a basic EHR system, The Office of the National Coordinator for Health Information Technology reported in 2015.
Data is vital for healthcare informatics professionals and others seeking to enhance care and control costs. It’s also highly valued by cyber criminals who steal patients’ identities to barter on the dark web and black market, and to demand ransoms from medical providers.
In 2015, health insurance company Anthem was hacked, exposing the personal information of 79 million customers. The company agreed to pay $115 million to settle class-action lawsuits over the breach.
From late 2009 through 2015, about 155 million U.S. patients were affected by nearly 1,500 data breaches, according to a 2016 report by the Center for Technology Innovation at Brookings.
The report highlighted several contributing factors:
Cyber attacks will affect 1 in 13 patients and cost U.S. health systems $305 billion from 2015-19, according to Accenture. About 25% of those affected by healthcare data breaches will become identity theft victims and 16% will have to pay out-of-pocket costs, the global technology services firm forecast in 2015.
Although healthcare leaders can boost their organization’s ability to defend against hackers by an average of 53% by implementing cybersecurity measures, such preparation is lacking, Accenture noted. That leaves an opening for hackers to lock down critical network systems in exchange for ransom; a vulnerability with potentially life-or-death consequences for patients.
The Brookings report offered recommendations for bolstering the security of patient data and healthcare systems, including: