healthcare working using tablet

Healthcare Industry at Highest Risk of Cybersecurity Breaches, Study Finds

While healthcare organizations are confidently moving sensitive patient data to the cloud, less than half are encrypting that information.

  • By Haley Samsel
  • Jul 22, 2019

The healthcare industry is at the highest risk for data and cybersecurity breaches out of any economic sector in the country, according to a new study.

The report by Thales, a French security company, and IDC, an analysis firm, found that 70 percent of 100 total healthcare organizations have experienced a data breach. A third of the organizations surveyed reported a breach in the last year alone.

Adding to the cybersecurity risks is the fact that 80 percent of institutions reported storing data on the cloud, but only 38 percent of them encrypt data on their cloud platforms.

"Data security is increasingly complex, particularly for healthcare organizations immersed in cloud and digital transformation initiatives,” Tina Stewart, vice president market strategy for cloud protection and licensing activity at Thales, said in a statement. “The focus should be to encrypt everything in the cloud and keep control of the data by centrally managing the keys to the encrypted data."

According to Thales and IDC, healthcare organizations face a “broad and ever-expanding threat surface” due to the huge amount of information they collect on patients, insurance companies and more. The firms also found that IT security spending in the industry is down, making it harder for organizations to beef up their cybersecurity operations and prevent breaches.

"Healthcare data is especially attractive to hackers because it's far more valuable than other kinds of data that can be accessed and exploited,” Frank Dickson, the program vice president for security products research at IDC, said in a statement.

He added that it is harder to mitigate the damage done to patients when healthcare data is stolen.

“A credit card can be cancelled or a bank account can be closed, but private patient data circulates endlessly which opens opportunities for various types of fraud to occur again and again from a single breach,” Dickson said.

The firms recommended that organizations dedicate more resources to cloud-based security solutions, adopt new data security strategies including encryption, and prioritize compliance with data security regulations.

The findings match up with other recent studies, according to industry news website HealthcareDive. A June study by Integris Software found that while a majority of healthcare companies in the U.S. felt confident in their ability to manage sensitive data, about half updated their inventory of that data once a year or less.

About the Author

Haley Samsel is an Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

  • Maximizing Your Security Budget This Year

    Perimeter Security Standards for Multi-Site Businesses

    When you run or own a business that has multiple locations, it is important to set clear perimeter security standards. By doing this, it allows you to assess and mitigate any potential threats or risks at each site or location efficiently and effectively. Read Now

  • New Research Shows a Continuing Increase in Ransomware Victims

    GuidePoint Security recently announced the release of GuidePoint Research and Intelligence Team’s (GRIT) Q1 2024 Ransomware Report. In addition to revealing a nearly 20% year-over-year increase in the number of ransomware victims, the GRIT Q1 2024 Ransomware Report observes major shifts in the behavioral patterns of ransomware groups following law enforcement activity – including the continued targeting of previously “off-limits” organizations and industries, such as emergency hospitals. Read Now

  • OpenAI's GPT-4 Is Capable of Autonomously Exploiting Zero-Day Vulnerabilities

    According to a new study from four computer scientists at the University of Illinois Urbana-Champaign, OpenAI’s paid chatbot, GPT-4, is capable of autonomously exploiting zero-day vulnerabilities without any human assistance. Read Now

  • Getting in Someone’s Face

    There was a time, not so long ago, when the tradeshow industry must have thought COVID-19 might wipe out face-to-face meetings. It sure seemed that way about three years ago. Read Now

    • Industry Events
    • ISC West
Most   Popular

Featured Cybersecurity

Webinars

New Products

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance. 3

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3