An article by Rachel Z. Arndt, in today’s edition of Modern Healthcare, has the ominous title of, “Healthcare data breaches caused by hacks are on the rise” .According to this breaking story, “Data breaches caused by hacking, so-called IT incidents and unauthorized access are on the rise, with 162% more incidents at healthcare organizations so far in 2017 as there were in all of 2016, according to data from (*the U.S.) HHS' Office for Civil Rights.”
Some of the important statistics cited in this critical article are:
- “Between the beginning of 2017 and Aug. 14, 2017, there were five hacking or IT incidents that have been resolved, according to the OCR's breach portal, plus 76 more that are still under investigation. In all of 2016, there were just 50 hacking or IT incidents.”
- “In that same period of 2017, there were 10 resolved cases of unauthorized access or disclosure, plus 59 more still under investigation. In 2016, there were 71.”
- "You don't need to be a hacker anymore," said Bob Anderson, formerly of the FBI and now managing director in Navigant's Global Legal Technology Solutions practice. "That's a huge difference."
Arndt goes on to describe that a majority of the attacks are centered in “the darknet or illicit websites,” according to a former FBI officer. In particular, there is, per Modern Healthcare, an “uptick in attacks that compromise email. To get access to an organization's email system, a person might send an email with an attachment that's a piece of nefarious software that gives the person access to the organization's entire directory, which, in turn, likely contains at least one email password.”
In response to many reports, according to Arndt: “Still, cybersecurity spending makes up just a sliver of organizations' budgets. Forty percent of respondents to a recent HIMSS survey said 1% to 2% of their organizations' budgets goes to cybersecurity, and 32% said 3% to 6% goes to cybersecurity. More than a fifth of respondents didn't know what percentage of their organizations' budgets were spent on cybersecurity.”
Derive Healthcare, the dedicated Healthcare solutions practice of Derive Technologies, has been working with numerous, major healthcare providers to provide proactive solutions to prevent cyberattacks, malware, other hacks, and other breaches. Derive has developed solutions with leading partners, including HPE, HP, Cisco, Microsoft, Citrix, and many others, as well as with healthcare-specific partners (for point-of-care and more), to better protect providers, and also to build business, and user, workflow, that is dramatically more secure.
Please contact a Derive Healthcare security specialist to learn more by calling (212) 363-1111, or by completing the form on this page (please indicate “Derive Healthcare Security” in the form’s comments).