Report Examines Top Healthcare Data Security Threats

Report Examines Top Healthcare Data Security Threats

Protected Harbor, a full-service IT solution and consulting firm, just announced the launch of its latest whitepaper on healthcare cybersecurity. The whitepaper, entitled “2021 Healthcare Data Breach Trend Report” offers readers an insight into evolving healthcare data breach patterns, predictive threats for 2022, and a playbook on how to increase IT durability to stop future healthcare data attacks.

“Due to the financial value of patient health information, electronic health records stored in healthcare organizations are a major target for cybercriminals,” said Richard Luna, CEO of Protected Harbor. “Attacks and exploits are evolving every day, becoming more sophisticated and carrying more devastating payloads. Protections must be implemented at every layer of a system.”

The healthcare data breach report, conducted by Protected Harbor, included statistics from 686 security breaches of 500 or more healthcare records; as reported by HHS’ Office for Civil Rights (OCR). 74% of all healthcare data breaches are from hacking and IT incidents, attributed to understaffed healthcare IT departments, legacy technologies not configured properly for new medical technology, and a lack of interoperability standards. This problem is costing companies around $9.23M per data breach, as reported by IBM.

The Threats
As the industry continues to evolve and respond to the data growth from increased usage of medical devices and technologies, more vulnerabilities are discovered. The “2021 Healthcare Data Breach Trend Report,” by Protected Harbor, has identified the following top healthcare data security threat issues heading into 2022:

IoT connected medical devices
mHealth & Telehealth technologies
The Cures Act & remote patient access
Understaffed & underfunded IT departments
Lack of employee security training

The Solutions Improving healthcare cybersecurity and network architecture will harden healthcare infrastructure, increase application durability, decrease overall costs, and increase public trust. The report also identified the following data protection suggestions for Healthcare IT departments:

Fast healthcare Interoperability resource standards
Multi-factor authentication
Mobile device security strategy
Isolated and validated backups
Integration of managed service teams

“Digitalization has drastically increased the amount of data and how the healthcare industry does business. But the original network architectural designs were not meant to handle this size of a workload,” continued Luna. “Teams need to do more regular penetration tests, malware tests, backup validation, disaster recovery drills, improve monitoring, run compliance scans, and keep to a maintenance schedule. It is not easy to keep track of so many moving parts that have been integrated since Covid-19. That is why so many HCIT departments are teaming up with managed service firms.”

The Numbers Additional findings from the 2021 Healthcare Data Breach Trend Report, include network server attacks accounting for 53% of all incidents in 2021, followed by email attacks at 27%. 21% of breaches can be attributed to unauthorized access, such as granting too much-privileged access to third parties. Hacking and IT incidents targeting outpatient and specialty clinics have grown 41% in the past year. 30% of all large data breaches in the U.S. are from hospitals. And California has the most healthcare data breaches, making up 10% of all breaches in 2021; followed by Texas (8%) and New York (6%).

The full 2021 Healthcare Data Breach Trend Report can be found on http://www.stopthebreach.org.

Featured

  • First Responders Give NIST Their Communications Tech Wish Lists

    First Responders Give NIST Their Communications Tech Wish Lists

    Our first responders have spoken. An extensive research project conducted by experts at the National Institute of Standards and Technology (NIST) reveals what our country’s police, fire, emergency medical and 911 dispatch responders think about the communications technology they use on a regular basis and how they would like developers to improve it in the future. Read Now

  • Study Finds U.S. Enterprises Hit by Short-staffed Security Operations Centers

    Study Finds U.S. Enterprises Hit by Short-staffed Security Operations Centers

    ManageEngine, the enterprise IT management division of Zoho Corporation, recently announced results from its new study, Cloud Security Outlook 2023. The study found that enterprises have a limited number of analysts running their security operations centers (SOCs) and are deploying multiple tools in an attempt to address their cloud security challenges. Read Now

  • Report: More Than Half of Organizations Have Experienced an Insider Threat in the Past Year

    Report: More Than Half of Organizations Have Experienced an Insider Threat in the Past Year

    Gurucul, a provider of solutions in the Next Generation SIEM market, and Cybersecurity Insiders, a 600,000+ member online community for information security professionals, recently released its annual 2023 Insider Threat Report. Overall, results indicate insider threats are a top concern at organizations of all kinds; only 3% of respondents surveyed are not concerned with insider risk. Read Now

  • ISC West Is Two Months Away

    ISC West Is Two Months Away

    The annual “vacation” to Las Vegas is less than two months away. I anticipate it will be an amazing show, and furthermore, I expect the show hall to be teeming with interested security professionals. Read Now

    • Industry Events

Featured Cybersecurity

New Products

  • BriefCam v6.0

    BriefCam v6.0

    BriefCam has released BriefCam v6.0, which introduces the new deployment option of a multi-site architecture. This enables businesses with multiple, distributed locations to view aggregate data from all remote sites to uncover trends across locations, optimize operations and boost real-time alerting and response – all while continuing to reap the benefits of BriefCam's powerful analytics platform for making video searchable, actionable and quantifiable. 3

  • Hanwha Techwin Wisenet XRN-6410DB4 / mXRN-3210B4

    Hanwha Techwin Wisenet XRN-6410DB4 / mXRN-3210B4

    Hanwha Techwin America, a global supplier of IP and analog video surveillance solutions, unveiled two new Wisenet X series NVRs that support the industry’s first video playback and recording of up to 8K super-high-resolution images. 3

  • PDK IO Access Control Software

    PDK.IO Access Control Software

    ProdataKey now allows for "custom fields" within the interface of its pdk.io software. Custom fields increase PDK's solutions' overall functionality by allowing administrators to include a wide range of pertinent data associated with each user. 3