Data Management – Recent hospital hackings expose need for stronger digital security in health care

April 18, 2016
Mia Papanicolaou
From the April 2016 issue of HealthCare Business News magazine

By: Mia Papanicolaou

It’s no surprise that security breaches such as the Los Angeles hospital cyber-attack continue to take the medical industry by storm, exposing the need for even stronger security measures to protect sensitive patient data. With the medical/health care sector holding the dubious distinction of having the highest number of data breach incidents compared to other industries, data protection is becoming even more vital as patient information is moved from paper to digital storage.

While it’s true that the Los Angeles hospital incident involved certain IT systems being locked for ransom (rather than stolen), patient records were rendered inaccessible and the hospital had to revert to paper registrations and fax communication. Even if the hackers didn’t access or copy any information, the incident still put the hospital’s and patients’ data at risk.



In 2015, another cyber-attack occurred with the Anthem Inc. database breach, exposing key security vulnerabilities in the broader health care industry. In this attack, hackers were able to access up to 80 million records, many of which included personal data like Social Security numbers and street addresses. Health care continues to be a major target for cyber criminals because this sector is usually loaded with large amounts of data as compared to other industries. When a hacker is able to access patient data, they are not only getting millions of records, but they are also getting tons of personal and private data points that are highly valued on the black market.

A report by Dell Security Works claims the going rate for stolen health care data is 10 to 20 times the price of a stolen Master- Card account. Security breaches can be mitigated, or even avoided altogether, if stronger security is put in place at all points where patient data is stored, processed and sent to the patients themselves. Four tips for health care organizations to consider when strengthening their data security include:

• Secure patient documents.Moving patient documents from paper to digital is inevitable, and does not mean that these documents have to be at increased risk of compromise. Patient registrations, insurance claims, medical history forms and lab reports are all documents that must be stored, but also shared with other participants in the health care network, as well as with the patients themselves. These documents must be protected at all points in the digital journey, using a combination of encryption, password protection, network security and access control.

You Must Be Logged In To Post A Comment