The U.S. healthcare system just doesn’t seem to be able to catch its breath. Even before COVID-19 pushed it to its limits, it was plagued with several issues. Even now, as the pandemic continues, it still faces most of them. One of the constant issues hospitals and health systems face is data breaches. Most hospitals have always had problems securing healthcare data for a variety of external and internal issues, but data breaches are becoming uncomfortably common now.
That being said, let’s take a look at some of the recent data breaches, how they occurred, how most breaches result in medical identity theft, and whether securing healthcare data is possible.
Wayne County Hospital just revealed very recently that it suffered from a phishing attack. On the 22nd of March, it learned that a phishing attack was carried out – some employees’ email accounts were affected. Wayne County Hospital took the required steps to secure its network and, as protocol requires, initiated an investigation about the breach.
It found out that over 2,000 patients’ information was at risk, including their names, financial information, Social Security numbers, medical information – putting them at huge risk. While the caregiver is taking the steps to prevent such attacks further that will help with securing healthcare data, over 2,000 patients are at risk of becoming victims of medical identity theft down the line.
Northwestern Medicine found out about the attack on May 17 – more than 200,000 patients were at risk. On the 7th of July, the health system asked the patients to review their medical bills for inaccuracies – an indication that there might be identity theft cases down the line.
While Northwestern Medicine stated that no financial information or Social Security numbers were affected by the data breach, far less is required to commit medical identity theft. For instance, inaccurate patient identification is present in most hospitals and health systems, leading to perpetrators getting away after impersonating the patients. Who knows what will happen down the line regarding these patients whose information was exposed?
While this cyberattack affected less than 50 patients, it still shows that hackers were able to breach the cyber walls and access the information. This was discovered on 20th May. A hacker accessed the email account of a faculty member (who also was providing healthcare services) in an unauthorized manner. However, the account was secured and an investigation was initiated, as required by usual protocols.
Health insurance Information on around 30 patients was at risk, whereas around 10 patients’ Social Security numbers were exposed. The emails that were accessed by the hacker included patients’ names, medical information, date of birth, etc.
Hospitals that face data breaches like these need to work on securing patient information and prevent medical identity theft – more on that later.
This phishing attack exposed over 440,000 patient’s information. On the 15th of April, the phishing attack caused the hacker to access an employee’s email account. As usual protocol, Orlando Family Physicians started an investigation and identified that three more employee accounts were accessed by unauthorized parties. As a result, the access has been removed for the hackers.
However, by then, nearly 450,000 patient’s information, including names, insurance information, medical information, passport information, and Social Security numbers, were exposed to the hackers.
While Orlando Family Physicians, along with the other hospitals suffering from data breaches, are taking preventative measures to enhance security, they need to be proactive rather than reactive as data breaches are becoming unstoppable.
Data breaches have been occurring for several years, leading to holding patient information as ransom, selling off the information to fraudsters, and so on. Hackers are coming up with innovative ways to steal patient information, whereas hospitals and health systems have their hands tied – they cannot do much with the meager cybersecurity budgets they have at their disposal.
WANNA KNOW : Preventing Plagiarism: A Student’s Guide
However, healthcare providers can work on securing healthcare data even after data breaches – only if they ensure positive patient identification at their facilities. There are solutions available that can help ensure accurate patient identification, and this can prevent medical identity theft when the fraudsters try to pass off as the patients – quite a simple but effective solution.
While reducing data breaches might be extremely costly and time-consuming (overhauling cybersecurity solutions, adopting new technologies, implementing new practices, etc.), protecting patient data even after breaches is not. While it might not prevent data breaches, it can prevent patient information from being tampered with – improving patient safety, reducing litigation costs, and ensuring patient data integrity.
- Call of Duty Warzone Sniper Guide: How to be a Sniper
- 4 Ways to Kickstart Your Amateur Radio Hobby
- Neon Lights and the science behind their attraction
- 12Bet App – Download Free | Android and iOS | Review
- Do I Need To Prime My Disposable Vape?