Categories: Technology

Data Breach And Electronic Reporting In Healthcare

Electronic Health Records (EHRs) are credited with improving patient care and care coordination, increasing patient participation in health care decisions, improving health care practice efficiency, and reducing costs of healthcare services. On the downside, EHRs also expose healthcare facilities and medical practices to significantly higher risks of data breach and cyberattacks.

As more personal and medical information is maintained electronically, a larger pool of hackers will be drawn to that information because of its high value in the cybercriminal underground.

IMAGE: PEXELS

The higher cyberattack risk in the healthcare and EHR industries is a function of several factors.

  • Healthcare cyberdefenses have not kept pace with HER expansion;
  • Healthcare technology still uses embedded legacy software that has not been ungraded with enhanced security;
  • Healthcare facilities and medical practices do not believe that they are at risk of experiencing a cyberattack;
  • EHR information is an attractive, high-value asset for cybercriminals;
  • Healthcare facilities are uniquely prone to ransomware attacks because they cannot delay the delivery of services because a network is inaccessible;
  • Healthcare organizations have not defined or centralized cybersecurity teams, leaving strategic decisions to a disparate group of IT professionals that have no global authority to implement effective cyberdefense strategies.

Data Breach And Electronic Reporting

Healthcare facilities stand to lose substantial financial resources when they experience a successful cyberattack. Federal regulators, for example, imposed a $5.5 million fine against Chicago-based Advocate Health Care following that organization’s loss of a large number of patient records that were stored on a personal computer that thieves physically removed from a facility. That fine was in addition to the other costs and expenses that Advocate Health faced to recover the lost data and to establish credit-monitoring services for patients whose records had been stolen.

[pullquote]None of these problems indicate that the cybersecurity situation for healthcare and EHRs is beyond repair.[/pullquote] Healthcare organizations can improve their cybersecurity environments first, by taking stock of the systems and devices in their facilities and adding strong encryption protection over patient data that is generated and stored in those facilities. Those organizations should also adopt a regular program of training healthcare providers in cybersecurity basics. Because EHRs connect different nodes within the healthcare service, sector, organizations should examine supply chains to detect weaknesses and to implement best practices that stand out within those supply chains.

From a technology perspective, healthcare organizations should consider using stronger data authentication routines and “tokenizing” sensitive data, which effectively limits access to that data to a smaller pool of individuals. EHR network access can be made more secure with biometric technology and other login procedures that raise the bar against attempts by unauthorized parties to log in to healthcare networks.

Cybersecurity insurance is the ultimate end game for cybersecurity in healthcare. The cybersecurity insurance industry is barely ten years old, but banks, professional service providers, and large corporations have jumped at the opportunity to insure themselves against the inevitable cyberattacks that they face every day. Healthcare organizations have not been as quick to procure cybersecurity insurance, possibly because healthcare providers have downplayed cyberattack risks. Situations like the Advocate Health data breach and the losses and fines that it spawned are quickly changing this perspective.

Cybersecurity insurance can reimburse healthcare entities for their direct losses from a ransomware attack or data breach. It can also provide compensation for third parties whose data was compromised in the breach and pay at least a portion of the fines that regulatory bodies might impose when a healthcare data breach creates a HIPAA or other healthcare data privacy violation. Most critically, cybersecurity insurance can keep a healthcare facility up and running to enable care providers to continue to provide necessary services to their patients.

For more security-related stories and information from us here at Bit Rebels, click here.

IMAGE: PEXELS
Richard Darell

Richard Darell is the founder and CEO of Bit Rebels, a multifaceted online news outlet that reports daily on the latest developments in technology, social media, design and everything geek. Today this media entity welcomes more than 3.5 million unique visitors per month and is considered the go-to place for people in constant motion. As an Internet entrepreneur, he is dedicated to constantly trying to develop new ways to bring content faster and closer to the end user in a more streamlined way. His excitement for statistics has allowed him to further develop systems that continuously produce accurate and fast-paced analytics to better optimize the approach by which Bit Rebels presents news and content. His graphic design background has proven to be an important tool when designing new systems and features for Bit Rebels since the development of solid and stable code depends entirely on their structure and implemented procedures. Richard currently resides in Stockholm, Sweden and directs the Bit Rebels offices in both Stockholm and Atlanta. You can reach Richard at richard@bitrebels.com

Recent Posts

Evan Ciniello: Using Surreal Imagery To Convey Unease In “Diaspora”

Evan Ciniello’s work on the short film "Diaspora" showcases his exceptional ability to blend technical…

3 days ago

BOM’s Spirit Of Independence Awards Shine In West Hollywood

It’s my first time attending the BOM Awards, and it won’t be the last. The…

3 days ago

Tips To Match Your Leather Lounge With Your Interior Decor

Leather lounges are a renowned choice for their durability and versatility. In the range of…

3 days ago

Navigating The Jet Charter Industry: A Comprehensive Overview

Charter jets are gaining in popularity, as they allow clients to skip the overcrowded planes…

3 days ago

The Importance Of Cloud Computing And Cybersecurity In Today’s Tech Landscape: Mike Robinson Of Utah, Shares His Perspective

Cloud computing has transformed how businesses operate, offering flexibility and efficiency at an unprecedented scale.…

4 days ago

7 Key Factors To Consider For Successful Live Betting In 2025

Live betting is the in thing in the online betting industry. The ability to place…

4 days ago