A comprehensive data breach study by Verizon was released in October 2012. The study of 832 breaches across many sectors, including health care, was conducted in cooperation with the U.S. Secret Service, as well as Dutch and Australian authorities.
When it came to health care, most of the breaches occurred in smaller medical and dental practices with 1-100 employees. Cyber criminals primarily targeted these organizations because of a perceived weakness in data security. Often, basic encryption techniques have not yet been employed in some of these smaller enterprises.
Most of the time, the goal of these cyber crooks was to access private patient data in order to exploit it for financial gain, often involving identity theft. Social security numbers, credit card information and birth dates can all be exploited by criminals, many of them from organized cartels. Of these events, the bulk of them exploited point-of-sale (POS) vulnerabilities, although the Verizon report also highlighted the need for better protection of both medical devices and electronic health records.
The Verizon study suggests that smaller health care targets that are perceived by malicious hackers as being lower risk get more attention.
Due to the prospect of HIPAA audits on the horizon, many healthcare CIOs have been highly focused on clinical data. However, the Verizon study of 60 data breaches suggests it is patient financial data that is the more common target at this time.
This data is coveted simply because cyber criminals can often turn such information into cash, and quickly. Therefore, while securing clinical data remains a vital pursuit as well, it is essential that large data points consisting of social security numbers, birth dates, and/or credit card data be fully secured as well.
We are committed to assuring that our clients are afforded the data security that they require. Allow us an opportunity to demonstrate how we can help to secure critical data and improve your peace-of-mind. Please contact us today.