The Biggest Healthcare Data Breaches—And What We’ve Learned


Information isn’t as safe as we’d like to believe. Over the years you’ve heard stories and read news about how company X was compromised by some third party. People’s information, be it names, phone numbers or even credit cards, was stolen in the process.

Unfortunately, this isn’t exclusive to the healthcare industry. But healthcare is a plenty valuable target, loaded with personal data which can be used for various malicious purposes.
Think it isn’t so bad? Guess again. In 2015, Anthem, one of the biggest healthcare insurance providers in the US, suffered a breach affecting over 78 million people. And that was just in 2015. Things like Social Security numbers and home addresses were siphoned, demonstrating just how vulnerable any major network really is.

Millions of people have had their information taken from these breaches, and not just from Anthem. Many of these breaches have also occurred over the past decade.

What have we learned about the far-reaching harm? Well, an Accenture survey revealed that 25 percent of Americans have been affected by these breaches in some way. Wonder why you’re getting strange calls from numbers you don’t recognize? This might be why.
Worse yet, in some cases it went beyond medical theft. Some had to pay costs to cover damages to their identity, upwards of $1,000.

A harsh reality, especially considering everyone has a medical record in some form. And isn’t that supposed to be the most guarded data? Unfortunately, no. It’s estimated that healthcare security is quite weak.

There is no central reason, but some factors add up. For example, in some hospitals, infrastructure is old. Computers run on outdated operating systems and don’t always update their security software. Records are not encrypted or necessarily protected when transferred to digital.

Employees, too, may not be aware of how to handle, access and protect data stored on servers. Records can become disorganized, or basic procedures for shielding info fall through. For instance, workers may not be aware of how to identify phishing scams or may not have proper software installed to deflect malware.

Legacy infrastructure is another major problem. UK hospitals, for example, suffered a serious blow when the “WannaCry” ransomware compromised thousands of systems. Why? They were using Windows XP, a decade-old operating system. For some hospitals, replacing this kind of infrastructure is incredibly challenging, and so it is left alone. But because it’s old, it lacks protection against modern threats, resulting in disaster.

Getting the medical industry up to standard is a huge undertaking that needed to happen yesterday. Data breaches are now a fact of life in this information-flooded world, so it’s no longer satisfactory to leave things in a “set it and forget it” mindset.
Unfortunately, it’s likely we’ll continue to see more breaches in the future as complex malware attacks become more prevalent.