Thursday, January 29, 2015

Will Healthcare Data Breaches Be Worse in 2015?

2014 was a year that data breaches consistently remained in the headlines. No business was safe as we saw many industries from home improvement to entertainment fall victim. The healthcare industry accounted for 42 percent of all reported data breaches in 2014. With healthcare leading any other industry in data breaches, the FBI’s Cyber Division warned the entire healthcare industry that their security practices are falling short compared to other industries. Many reports are now suggesting that healthcare organizations should expect to see more data breaches in 2015 with even bigger and more costly violations that ever before.  

A report released by Experian, a global information services firm, cites in its second annual data breach forecast that because of the growing entry points to protected healthcare information such as mobile devices, wearables, and other new technologies, the healthcare industry will be more vulnerable than ever before. Other reports revealed that a widespread lack of confidence in securing protected health information (PHI) will place a bigger target on healthcare.

With the big push to move all patient healthcare and personal information into digital format in recent years, the industry has become a primary target for hackers. Two motivating points were made by Consultancy IDC’s Health Insights unit in their annual top 10 predictions for healthcare. First, by the year 2020 about half of all digital healthcare data will be unprotected, the second, that healthcare organizations will experience at least one and as many as five cyber-attacks in 2015 versus 2014.

Experts say that attacks will not only grow to be more complex, but will become even simpler for hackers to commit moving forward. Today, attackers are using social media to hunt for better targets and expanding the attack surface to include Wi-Fi-enabled devices that are running vulnerable firmware. Attackers can now even rent the entire infrastructure that is needed to run online cyber scams easily without the required knowledge that it used to take to be successful. With 2015 expected to see record cyber-attack numbers, is your organization prepared?