With the advent of the COVID-19 pandemic, there are more eyes than ever on the U.S. healthcare system. Much of that is focused on the handling of the pandemic itself. But others are also looking more closely at healthcare organizations’ vulnerabilities when it comes to data security and breaches.
To help you learn more about the issue, here are some common FAQs about data breaches and how they affect the healthcare industry:
Why Would Hackers Want to Breach a Hospital Database?
Medical systems contain all kinds of personal and private information about patients, not to mention vast amounts of employee data. Hackers can use these kinds of information for a variety of purposes.
They can use a person’s insurance information to commit insurance fraud. They could take a patient or employee’s name, birth date, SSN, and other personally identifying information to open a credit card or personal loans. If so inclined, they could even use knowledge about delicate medical conditions to blackmail patients.
Or a hacker could use a breach to install ransomware on a hospital’s system. This can be a particularly profitable approach as, depending on the size of the healthcare provider, payouts can reach into the millions. (The average for the second quarter of 2020 was $178,254, which is up 60% from the previous quarter.)
How Do Hospitals Compare to Other Industries When It Comes to Breaches?
Banks, credit card companies, and other financial institutions seem like the most obvious targets for hackers. However, the sensitive–and therefore valuable–nature of the personal data and insurance information that hospital databases can store have made them more and more appealing.
In many cases, such information can be easier to get than that of other industries. There is evidence that healthcare systems tend to be less advanced when it comes to data security. Only 23% of healthcare organizations have fully employed security automation tools. And on average, it can take healthcare organizations 329 days to identify and contain a breach (versus 280 days for other industries).
Have There Been More or Fewer Data Breaches with COVID-19?
The number of reported healthcare data breaches for the first six months of 2020 is down more than 10% from the last half of 2019, with 83% fewer breached records. This is good news on its face, but the figures could be misleading. Hackers don’t always attack right away; they could infiltrate a system and then bide their time until launching an attack.
Experts have yet to determine to what extent the distraction of the pandemic has had or will have on data breaches. On one hand, new infrastructures put into place to accommodate more remote workers could be confusing and slowing down hackers who are used to certain points of access. Or those same infrastructures could have unanticipated security weaknesses. How all of it will play out remains to be seen.
Is There Anything I Can Do to Protect My Personal Health Information?
Unfortunately, there isn’t really anything you can do to prevent a hacker from accessing your records in a healthcare system’s database. You simply have to trust that your healthcare provider is doing everything it can to keep breaches from happening.
To mitigate any damage that may occur from a breach, information is your best friend. Always be sure to monitor your credit records, as well as your public records. By doing so regularly, you can identify fraudulent activity sooner and make similarly quick efforts to stop it.
Ultimately, what all of this means is that–just like any data breach at any other kind of company–you should always hope for the best and expect the worst. Healthcare providers continue to adapt and build up their defenses against hackers. In the meantime, as long as you stay on top of your personal data, any damage should be minimal.
For more information about data breaches and other things you can do to protect your digital identity and personal information, be sure to check out the articles on the PeopleFinders blog.
Image attribution: Photo by Micolas – www.shutterstock.com
