Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cyberattacks will compromise 1-in-3 healthcare records next year

Lucas Mearian | Dec. 9, 2015
Virtual care to become the norm.

healthcare security

Consumers will see an increase in successful cyberattacks against their online health records next year; supercomputers like IBM's Watson will reduce patient deaths and treatment costs by 10% in 2018; and virtual healthcare will soon become routine.

Those are some of the predictions made by IDC's Health Insights group in a new report.

The report claims that because of a legacy of lackluster electronic security in healthcare and an increase in the amount of online patient data, one in three consumers will have their healthcare records compromised by cyberattacks in 2016.

"Frankly, healthcare data is really valuable from a cyber criminal standpoint. It could be 5, 10 or even 50 times more valuable than other forms of data," said Lynne Dunbrack, research vice president for IDC's Health Insights.

Not only do healthcare records often have Social Security and credit card numbers, but they are also used by criminals to file fraudulent medical claims and to get medications to resell.

Healthcare fraud costs the industry from $74 billion to $247 billion a year in the U.S., according to FBI statistics. Fraudulent billing represents between 3% and 10% of healthcare expenditures in the U.S. each year, Dunbrack said.

The biggest problem is that the industry has been a laggard in deploying security technology. Dunbrack pointed to high-profile examples of healthcare providers who experienced massive breaches this past year, including Anthem and Premera Blue Cross.

healthcare apps virtual doctor visits
Credit: Shutterstock

Anthem reported that nearly 80 million records had been exposed; Premera suffered a breach of more than 11 million records.

"Part of this increase [in cyber attacks] is because there's more electronic data than ever before," Dunbrack said. "Some of the things leading to attacks are good things. For example, digitized formats allow [sharing] patient data among providers."

The solution to reducing data breaches is to educate patients and healthcare provider staff to be more aware of sophisticated phishing and spear-phishing schemes being used to access sensitive data.

Phishing is an attempt by cybercriminals to masquerade as a trustworthy entity in an electronic communication to gain sensitive consumer data. Phishing attacks typically come in the form of emails, social network messages or other forms of electronic communication.

"We're not talking about the Nigerian prince who'll share millions of dollars with you if you will only wire him some money," Dunbrack said. "They look like something you might get from IT or from...UPS or FedEx. They've got all the logos. You've got to stop and think."

Additionally, healthcare networks need to increase the sophistication of their security analytics software so they can identify attacks as they're happening and head them off by learning their patterns.

 

1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.