Healthcare data breaches are on the rise, and they’re not likely to slow down anytime soon. Experts say the change to electronic health records (EHRs) hasn’t come with enough defenses to protect patient data.
Last year, there were 322 breaches of healthcare information, and more than 8 million patient records were compromised, according to the Identity Theft Resource Center. Experts say lax security measures and the appeal of patient information have led hackers to target health data.
"The healthcare industry is not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely," the Federal Bureau of Investigation said in a statement to healthcare providers in April.
Experts say that health data is especially attractive to hackers because health records usually contain a wealth of information, including a Social Security number, health insurance information, financial details and prescription information. In fact, health records can sell for $50 on the black market, while a Social Security number sells for about one dollar, according to the Medical Identity Fraud Alliance.
Fraudsters can use the information to access medical care, buy prescriptions or even file fake income tax returns.
“Healthcare systems will be seeing large-scale hacks of the type we’ve seen with retailers like Target,” Katherine Downing, MA, director of Health Information Management Practice Excellence at the American Health Information Management Association, said in a General Surgery News article.
The largest breach of 2014 hit Community Health Systems and compromised 4.5 million patient EHRs. While large breaches like this one gain media attention, many breaches hit smaller healthcare settings.
To learn more about how to protect your patients’ records, visit www.hhs.gov/ocr/privacy/hipaa/understanding/training.