Cyberattacks in healthcare organizations are growing in frequency, and healthcare organizations are being held liable. Therefore, special priorities must be taken to secure their data against cyberattacks, as the misuse of patient information and confidentiality is the main concern.
According to ESET, healthcare organizations experience monthly cyberattacks. In a survey, 48 percent of respondents reported that their organization experienced loss of patient information in the past 12 months. This results in the exposure of sensitive information.
The survey also demonstrated that the exploiting of existing software vulnerabilities and web-borne malware attacks are the most common security incidents. Respondents report on the commonality of security incidents as follows:
- 78 percent – exploitation of existing software vulnerabilities greater than three months old
- 75 percent – web-borne malware attacks
- 70 percent – exploits of existing software vulnerability less than three months old
- 61 percent – lost or stolen devices
For a complete list of healthcare IT incidents click here.
The lesson here is that existing vulnerabilities of legacy software and web-borne malware attacks are the most common incidents at a healthcare organization. Legacy systems lead to increased threat to patient medical records. Technology enhances our work environment, but big data and the Internet of Things also increase vulnerabilities.
The technologies pose a greater risk to patient information than employee negligence. As a matter of fact, 52 percent of respondents blame new technologies such as the cloud, mobile, big data, and the Internet of Things for increasing vulnerability toward patient information.
The most valuable pieces of information in a healthcare organization are patient medical records. Billing information comes in at second. A complete assessment is required to meet compliance and audits.