Healthcare News & Insights

Current state of data breaches, hacking: Hospital cybersecurity concerns

Major healthcare data breaches are in the news all the time, so you know how important cybersecurity is to your hospital. Protecting patient info is a priority for every organization, but new research on breaches this year could affect how you shape your cybersecurity protocol. 

According to Healthcare IT News, data breaches may be down slightly since 2017, but high-level breaches are on the rise. These “mega-breaches” occur across all industries, but they’re especially concerning for health care due to the prevalence of sensitive information in the field.

So far in 2018, there have been 3,676 publicly disclosed data breaches exposing 3.6 billion records at various companies. Mega-breaches, which are breaches that expose at least 100 million records, accounted for 84% of the 3.6 billion records exposed.

As expected, hacking remains the most common cause of data breaches.

Data breach trends

Although data breaches are slightly down from 2017, overall they’re still a significant problem.

“The overall trend continues to be more breaches and more ‘mega breaches’ impacting tens of millions, if not hundreds of millions, of records at once,” said Inga Goddijn, executive vice president for Risk Based Security, which conducted a recent study of 2018 data breaches.

Other problems include ransomware threats, such as the SamSam virus, that tend to impact healthcare organizations most, since hackers often believe these facilities are more likely to pay a ransom to protect patient info.

Cleaning up after a SamSam attack can cost millions, and patient info often still ends up exposed.

Cybersecurity improvements

While the healthcare industry is improving cybersecurity quickly, hackers also continue to improve and discover new ways to take advantage of hospitals.

Smaller hospitals are usually less secure than large organizations, but no matter the size of your facility, cybersecurity protocols must be followed consistently.

When considering your hospital’s cybersecurity policies and measures, make sure IT leaders are included in the conversations. They’re the experts and know what needs to be done to maintain security. You might also want to hire a third-party cybersecurity expert to take a look at your systems and find any holes that could be fixed.

Keeping your IT system safe may require additional resources, such as adding more employees to the department or spending more money on security protections.

If you’re not already, hold training sessions for staff on proper security measures. Make sure employees aren’t sharing passwords, and consider implementing a monthly or quarterly password change requirement to keep data safe. You can also host mock phishing drills to expose employees to common hacking techniques and remind them to never give out private information unless they’re sure who’s asking for it.

Subscribe Today

Get the latest and greatest healthcare news and insights delivered to your inbox.