Experian reported that the “healthcare sector may continue to be the focal point for hackers as medical identity theft remains lucrative and easy for cyber criminals to exploit.” The November 28, 2016 report entitled “2017 Fourth Annual Data Breach Industry Forecast” included this takeaway advice:
As attackers shift their focus, an increase in hospital breaches means the consequences for healthcare organizations that don’t properly manage this risk will increase. Healthcare organizations of all sizes and types need to ensure they have proper, up to date security measures in place, including contingency planning for how to respond to a ransomware attack and adequate employee training about the importance of security.
Experian also included the following in its Prediction Scorecard about Healthcare based on 2016:
BIG HEALTHCARE HACKS WILL MAKE THE HEADLINES, BUT SMALL BREACHES WILL CAUSE THE MOST DAMAGE
In 2016, there were 181 reported healthcare breaches ranging in size from 500 to 3.6 million effected individuals. While several large breaches like Banner Health and 21st Century Oncology lost more than 5 million records combined, small breaches also had a large impact. Breaches impacting 200,000 people or less accounted for 96 percent of all healthcare related breaches and impacted 1,400,872 individuals.
My friend Judy Greenwald wrote an article for Business Insurance entitled “2017 to usher in new wave of cyber attacks” and started with these comments about the Experian report:
Businesses should brace for “full-on” cyber attacks next year, particularly if they are part of the critical infrastructure that provides essential services related to the nation’s economy, security and health, a study warns
Healthcare is well-aware of the cyber threats, but maybe not adequately protected…time will tell.