Theft, hacks, information syphoning… the threats are everywhere, so much so that there was a 28% increase in data breaches from 2013 to 2014. They are getting bigger, more aggressive, more sophisticated, and the healthcare industry is a huge target.
As mentioned on 1to1Media, an astounding “43 percent of all data breaches reported in 2014 occurred in the healthcare industry, according to the Identity Theft Resource Center Breach Report.”
In the Anthem hack at the beginning of 2015, “hackers gained access to the private data of 80 million former and current members and employees of Anthem in one of the largest medical-related cyber-intrusions in history.” The attack could have obtained the information to millions of non-customers as well.
The information stolen included names, birthdays, medical IDs/social security numbers, street addresses, email addresses and employment information, including income data.
According to an abc.com piece, “The country’s second-largest health insurer said anywhere from 8.8 to 18.8 million people who are members of other Blue Cross Blue Shield plans, and used their insurance in the past decade in a state where Anthem operates, are included in the estimate of people who may have been victimized.”
From electronic medical records to wearable devices and telemedicine, the healthcare industry is undergoing a digital transformation. But these innovations also carry greater security risks if organizations lag in their ability to protect data wherever it’s stored or used, for medical records contain valuable personal information such as social security numbers, birth dates, medical histories, and billing information, making them a gold mine for hackers.
Continuing a three-year trend, breaches in the Medical/Healthcare industry topped the ITRC 2014 Breach Listwith 42.5 percent of the breaches identified in 2014. The Business sector continued in its second place ranking with 33.0 percent of the data breach incidents.
According to the Washington Post,
Security experts said health care has become one of the ripest targets for hackers because of its vast stores of lucrative financial and medical information. Health insurers and hospitals, they added, have often struggled to mount the kinds of defenses used by large financial or retail companies, leaving key medical information vulnerable.
While medical records, such as treatment details or test results, were not compromised in what Anthem called “a very sophisticated attack,” experts say the breach underlines the worrying potential for hackers to steal private health data that is valued on the black market as tools for extortion, fraud or identity theft. Medical information could be exploited, for example, to file false insurance claims and buy prescription drugs, and attackers could extort cash from policyholders desperate to keep their private medical data under wraps.
It is frightening to think that your detailed and potentially delicate medical history is at risk for exposure, and could be held for ransom. For individuals with illnesses or disabilities they’d rather keep private this can be an even more devastating intrusion. Imagine being blackmailed to keep your private information private.
Thankfully for those affected by the anthem attack, the company set up a site, anthemfacts.com, to help with identity theft repair and credit monitoring services.
Anthem is working with AllClear ID, a leading and trusted identity protection provider, to offer 24 months of identity theft repair and credit monitoring services to current or former members of an affected Anthem plan dating back to 2004.
This includes customers of Anthem, Inc. companies Amerigroup, Anthem and Empire Blue Cross Blue Shield companies, Caremore, and Unicare. Additionally customers of Blue Cross and Blue Shield companies who used their Blue Cross and Blue Shield insurance in one of fourteen states where Anthem, Inc. operates may be impacted and are also eligible: California, Colorado, Connecticut, Georgia, Indiana, Kentucky, Maine, Missouri, Nevada, New Hampshire, New York, Ohio, Virginia, and Wisconsin.
But how can you avoid getting to that point?
Simple. Talk to SLPowers Security Specialists.
In today’s technology intensive healthcare practice, you need an IT partner who understands your business. SLPowers will provide your in-house IT resources with the needed support to meet your budget and your strategic objectives. Then you can focus on patient care. We get your world and it earned us a spot on CRN Magazine’s Healthcare 100, as a top services provider.
Categories: Data Loss Prevention, Data Security, Hackers, Healthcare, Internet Security
Leave a Reply