The replacement of filing cabinets for recording hospital records to servers and hard drives brought about both a world of convenience but also a world of new problems. With compiling information in computers it’s become easier to store more information in a smaller place, and easier to search for specific patients files or other specifics. Although with this we’re also seeing an increase in cybercriminals accessing this sensitive data for nefarious reasons, and the race to develop security measures within healthcare technology has become vital.
The Kaiser Permanente Incident
In 2013 an employee reported that there may have been a data breach via a lost usb drive which contained the name, medical record number, date of birth and medication of patients obtaining health care at the company’s Anaheim facility. A letter was sent to all patients whose data was on the flash drive a month later, but little could be done to remediate the situation without actually finding the drive.
The Root Problem
This brought to attention an intrinsic problem between healthcare providers and the ever-changing regulations which they must abide by according to the Health Insurance Portability and Accountability Act (HIPAA). Fines related to breaches in this act have been steadily rising thanks to the movement of enforcement from the Medicare Operations Division to the Office of Civil Rights under the Department of Health and Human Services.
Finding ways to minimize security risk in a healthcare environment takes a lot of time and manpower, and many healthcare institution’s security measures are still in infantile stages due to the uniqueness of this form of security.
In the past the stealing of laptops, computers, and smartphones was purely for the reselling purposes of petty criminals. Although nowadays there is a much higher risk of this sensitive data being accessed and used or sold by cybercriminals who have underground networks and markets where data is traded, a market now thought to be valued in the millions.
Arms in the Fight
The utilization of both encryption and back-ups has become a main aim of the game in the fight against cybersecurity threats in healthcare institutions, but it also requires several other steps to ensure the best defense has been enforced. Read this article for some specific tips on how to reduce the risk of a security threat in your health facility, and remember to consistently update both your software and hardware, and also your staff procedures.