It goes without saying that we are living in the era of the healthcare data breach.

2015 was, with no ifs, ands, or buts, a “Wall of Shame” year for healthcare organizations, and 2016 is following last year’s example. It has been reported that more than 720 data breaches took place this year, and the top seven cyber-attacks alone exposed 193 million personal records to identity theft and fraud. Of those seven, healthcare organizations have the dubious honor of holding the top three spots. Furthermore, another recent report states that almost 90% of healthcare organizations have suffered at least one data breach in the last 2 years, at an average cost of 2.2 million USD per hack.

Garry McCracken, VP of Tech at WinMagic, states:

“2015 was the year of the healthcare breach, with many organizations falling victim to malicious attacks. Earlier this year, Anthem was breached, and the cause was traced back to phishing attacks. This helps to prove that people are still often the weakest link in the security equation. The truth is that it doesn’t matter how strong your security is, people still need to be trained properly on how to protect data. For example, strong key and password management is essential. With this in mind, 2016 will see a “back-to-basics” approach where healthcare organizations push hard on training workers to take the preventative measures necessary to avoid more breaches in the future.” (Murno, 2015)

The personal information of more than 23,000 patients was affected by data breaches at Arkansas’ Pain Treatment Centers of America (PTCOA), Interventional Surgery Institute (ISI), Wisconsin’s Oneida Health Center, and Florida’s Palm Beach County Health Department. Yet, according to a recent study, the organizations have made no giant leap forward in tightening data security.

[Figure: data breach causes, 2015]

If you are still looking for a clear definition of a “personal data breach”, here it is. A personal data breach is a breach of security that leads to the unlawful or accidental destruction, alteration, or loss of, or unauthorized access to or disclosure of, personal data stored, transmitted, or otherwise processed in connection with the provision of any public electronic information technology service.

Because software tools and computer programs organize and store the patient files, a hacker may gain access to:

  • Patients’ names;
  • Their addresses;
  • Health visit information;
  • Health insurance information;
  • Driver’s license numbers; or even
  • Social Security numbers.

[Figure: number of breaches]

What must you do if there is a breach?

All service providers (such as internet service providers or telecoms providers) have certain obligations if a personal data breach takes place. If you are a service provider, here is what you must do:

  • Notify your Information Commissioner as soon as possible;
  • Consider whether or not to notify your customers; and
  • Record every single detail in your own breach log.

The number of personal records breached is just SCARY. In 2015, Anthem had the highest number of records breached, at just over 78,800,000. Rain or shine, the “Wall of Shame” isn’t encouraging. However, the healthcare industry took patient privacy and data security more seriously and deliberately this year. As long as that is the case, it’s logical for us all to expect more from them in 2016.