At Soteria Cloud we like to keep abreast of the latest data breaches and cyber attacks where the organisations involved have failed to make use of encrypted data backups and cloud computing services. We have brought you news on many of these attacks on large companies in the past and in recent months; more recently though, the healthcare industry has come under scrutiny.
While healthcare companies and organisations busy themselves with taking care of their patients, their systems and data may be experiencing their own ailments – cyber attacks. KPMG released a worrying statistic that over 80% of healthcare organisations have been compromised by means of malware, botnet or various other types of cyber attacks. A more disturbing statistic is that only half of these organisations feel that they are fully prepared to fend off a future attack. One of the biggest concerns faced is that most healthcare IT security systems cannot detect if they have been compromised in real time. This means that a data breach can only be realised and then rectified when the damage is already done.
Where is the value in patient records?
According to Michael Ebert of KPMG, “patient records are far more valuable than credit card information for people who plan to commit fraud, since the personal information cannot be easily changed.”
It has become obvious that healthcare IT security needs more patient care themselves. Meaning that the IT professionals responsible for security of these systems need to implement better systems and policies to ensure that data breaches, hacking, malware and other cyber security threats are minimised. It is with this in mind that all healthcare organisations should regularly ensure that their security systems are up to date and fully operational.
Leading concerns
So where are healthcare IT security systems most vulnerable in terms of their data? It’s worth noting that the KPMG survey was done in the US, but that doesn’t mean that we don’t have our own problems in SA. Let’s take a look at what the KMPG US survey statistics have to say:
- External hackers – 65%
- Sharing data with third parties – 38%
- Employee breaches and in-house data theft – 35%
- Wireless computing – 35%
- Inadequate firewall security – 27%
It has been found that many healthcare organisations do indeed have security measures in place…they just don’t fit the needs and requirements of the business. It is vitally important that all healthcare companies take the time to have a security system custom designed to suit their specific needs. All sensitive data should also be backed up to the cloud and not kept on the local systems. For the best possible system security, patient information should be encrypted and backed up to a remote server/the cloud.
Have you ever been a victim of medical aid claims fraud or had your sensitive medical data breached? Does your healthcare provider make use of encrypted online backups and have the much needed IT security systems in place to protect you? Let us know!
