Categories: Technology

Data Breach And Electronic Reporting In Healthcare

Electronic Health Records (EHRs) are credited with improving patient care and care coordination, increasing patient participation in health care decisions, improving health care practice efficiency, and reducing costs of healthcare services. On the downside, EHRs also expose healthcare facilities and medical practices to significantly higher risks of data breach and cyberattacks.

As more personal and medical information is maintained electronically, a larger pool of hackers will be drawn to that information because of its high value in the cybercriminal underground.

IMAGE: PEXELS

The higher cyberattack risk in the healthcare and EHR industries is a function of several factors.

  • Healthcare cyberdefenses have not kept pace with HER expansion;
  • Healthcare technology still uses embedded legacy software that has not been ungraded with enhanced security;
  • Healthcare facilities and medical practices do not believe that they are at risk of experiencing a cyberattack;
  • EHR information is an attractive, high-value asset for cybercriminals;
  • Healthcare facilities are uniquely prone to ransomware attacks because they cannot delay the delivery of services because a network is inaccessible;
  • Healthcare organizations have not defined or centralized cybersecurity teams, leaving strategic decisions to a disparate group of IT professionals that have no global authority to implement effective cyberdefense strategies.

Data Breach And Electronic Reporting

Healthcare facilities stand to lose substantial financial resources when they experience a successful cyberattack. Federal regulators, for example, imposed a $5.5 million fine against Chicago-based Advocate Health Care following that organization’s loss of a large number of patient records that were stored on a personal computer that thieves physically removed from a facility. That fine was in addition to the other costs and expenses that Advocate Health faced to recover the lost data and to establish credit-monitoring services for patients whose records had been stolen.

[pullquote]None of these problems indicate that the cybersecurity situation for healthcare and EHRs is beyond repair.[/pullquote] Healthcare organizations can improve their cybersecurity environments first, by taking stock of the systems and devices in their facilities and adding strong encryption protection over patient data that is generated and stored in those facilities. Those organizations should also adopt a regular program of training healthcare providers in cybersecurity basics. Because EHRs connect different nodes within the healthcare service, sector, organizations should examine supply chains to detect weaknesses and to implement best practices that stand out within those supply chains.

From a technology perspective, healthcare organizations should consider using stronger data authentication routines and “tokenizing” sensitive data, which effectively limits access to that data to a smaller pool of individuals. EHR network access can be made more secure with biometric technology and other login procedures that raise the bar against attempts by unauthorized parties to log in to healthcare networks.

Cybersecurity insurance is the ultimate end game for cybersecurity in healthcare. The cybersecurity insurance industry is barely ten years old, but banks, professional service providers, and large corporations have jumped at the opportunity to insure themselves against the inevitable cyberattacks that they face every day. Healthcare organizations have not been as quick to procure cybersecurity insurance, possibly because healthcare providers have downplayed cyberattack risks. Situations like the Advocate Health data breach and the losses and fines that it spawned are quickly changing this perspective.

Cybersecurity insurance can reimburse healthcare entities for their direct losses from a ransomware attack or data breach. It can also provide compensation for third parties whose data was compromised in the breach and pay at least a portion of the fines that regulatory bodies might impose when a healthcare data breach creates a HIPAA or other healthcare data privacy violation. Most critically, cybersecurity insurance can keep a healthcare facility up and running to enable care providers to continue to provide necessary services to their patients.

For more security-related stories and information from us here at Bit Rebels, click here.

IMAGE: PEXELS
Richard Darell

Richard Darell is the founder and CEO of Bit Rebels, a multifaceted online news outlet that reports daily on the latest developments in technology, social media, design and everything geek. Today this media entity welcomes more than 3.5 million unique visitors per month and is considered the go-to place for people in constant motion. As an Internet entrepreneur, he is dedicated to constantly trying to develop new ways to bring content faster and closer to the end user in a more streamlined way. His excitement for statistics has allowed him to further develop systems that continuously produce accurate and fast-paced analytics to better optimize the approach by which Bit Rebels presents news and content. His graphic design background has proven to be an important tool when designing new systems and features for Bit Rebels since the development of solid and stable code depends entirely on their structure and implemented procedures. Richard currently resides in Stockholm, Sweden and directs the Bit Rebels offices in both Stockholm and Atlanta. You can reach Richard at richard@bitrebels.com

Recent Posts

White Label vs. In-House Facebook Ads: Which Is Right For Your Business?

Are you an entrepreneur or the manager of a digital marketing agency interested in Facebook…

1 day ago

How Are Restaurants Going Green? Six Eco-Friendly Trends Increasing In Popularity

As more and more industries adopt eco-friendly business practices, the restaurants is joining the ranks…

2 days ago

Thane Stenner’s Insight On The Impacts Of High Tax Rates On Canadian Wealth

Taxes are a fact of life, but are they driving Canada’s wealthy to seek greener…

2 days ago

Creating Impactful Business Outcomes: Adam S. Kaplan’s Visionary Perspective

In today's rapidly shifting market, achieving impactful business outcomes is essential for survival and growth.…

2 days ago

Dian Shuai: From Baroque To Big Screen – A Composer’s Journey Of Emotion And Excellence

Dian Shuai, a music and film composer from Beijing, China, has been immersed in music…

2 days ago

The Unexpected Ways Digital Communities Are Changing Sports Betting Trends

We’ve seen a rise in social gaming sites over the years. These sites, which are…

3 days ago