Electronic health records (EHR) has, in many ways, been an extremely positive development for the medical community and the general public. Digitally storing patient records has made it easier to ensure crucial patient records do not go missing and will be valuable for decades to come as this information will be instrumental in conducting research that leads to medical breakthroughs.
One drawback of the widespread adoption of EHR, however, is that sensitive information has become accessible to malicious actors. And those vulnerabilities were thrust into the spotlight recently when the Indiana-based EHR provider Medical Informatics Engineering was breached, resulting in the exposure of 3.9 million records. In addition to the medical information itself the types of information stolen included:
- Names
- Addresses
- Birthdates
- Social Security numbers
Unfortunately, the announcement of the Medical Informatics breach came right on the heels of a breach of UCLA’s network, an attack that may have affected as many as 4.5 million people. These recent incidents make clear that the health sector is the latest to attract serious attention from threat actors, following in the undesirable footsteps of retail, the U.S. government and even professional sports. So unfortunately, the healthcare sector may be victimized again in the near future.
While the total number of data breaches have skyrocketed in recent years, so too has the cost to organizations. In fact, the average cost of a breach has increased 23 percent over the past two years to $3.79 million, according to IBM and the Ponemon Institute’s 2015 recently released Cost of Data Breach Study. So for healthcare organizations—and businesses across all sectors—it quite literally pays to be prepared.
If you would like to see firsthand how an incident response platform can help your organization to avoid becoming the next to suffer a data breach, sign up for a demo today.