Health Care Lags With Data Protection, FBI Recommends Upping Security

Laptop Doctor

Chief information officers operating in each sector of the world economy know that securing their companies’ sensitive information is a top priority. Despite the importance of data defense in every industry, there are some professions that require even more care when it comes to storing, analyzing and managing files due to the nature of their work.

For instance, the health care field has always had to tread cautiously with regards to its use of IT tools, as implementing a variety of solutions could put confidential patient information and medical records in a compromised situation. Slowly but surely, organizations in this sector have started to adopt a number of advancements. However, medical institutions seem to be failing in terms of following the proper data protection protocol, which could cause grave consequences.

Breaches are abundant in health care sector
If people consider all of the areas of the global market, chances are that health care will make the top of the list in terms of which fields have to work with confidential material. CIO Magazine explained that this industry is a major target for cyberthieves, given the fact that extensively detailed patient information is highly valuable on the black market. Because a number of professionals working in this field have not been trained in data protection practices – or simply decide to ignore their organizations’ compliance policies – they tend to put sensitive information in jeopardy. Consequently, hackers are able to access this vulnerable data with ease.

That being said, new research about data breaches throughout the health care sector shows that even though a high number of cyberattacks occur within this field, the severity of these cases is not as extreme as it could be. According the source, a Symnatec report revealed that 37 percent of total breaches across all sectors took place in health care companies. One would think that given that sizeable portion of cyberattacks coming from this field, it would be responsible for contributing to many instances of identity theft. However, that was not the case. The study found that a startling 1 percent of all exposed identities came from health care breaches. As a result, some experts have concluded that in spite of the high volume of cyberthefts affecting this industry, the repercussions have not be disastrous, for the most part.

Nevertheless, the frequency of data breaches within this sector should still be cause for concern. Even though the majority of these instances have not rendered catastrophic results as of yet, that is not to say that they could further down the road. Bearing this in mind, IT professionals in this field should address some of the most common causes of both data loss and theft that contribute to breaches. CIO Magazine explained that the Verizon Business’ Data Breach Incident Report found that insider misuse and system errors were the main factors playing a role in confidential medical information making its way into outsiders’ hands.

“That suggests simply having sensitive information ‘behind locked doors’ isn’t enough; there are still a lot of people inside those locked doors,” the Verizon report read.

FBI advises organizations to step up security
For the most part, the data stored on health care’s IT solutions is not secure because tech teams do not put the right measures in place to protect it, giving hackers ample opportunity to deactivate or bypass rudimentary barriers. In fact, the FBI recently warned institutions throughout this sector about their resistance when it comes to implementing advanced cybersecurity practices, claiming that they are lagging behind organizations in other fields.

“The health care industry is not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely,” the Federal Bureau of Investigation disclosed to health care providers in a notice obtained by Reuters.

The agency has pointed to recent breaches such as Target and emphasized that the consequences would be even worse for health care companies.

Perhaps the simplest of steps that these organizations can take to reduce the high risk of data breaches, which is an especially concerning threat due to the sensitivity of patient information, is to encrypt their information. Up until this point, the sector has been reluctant to adopt encryption, but it may be the easiest and most effective solution in terms of ensuring patient information is not compromised and used for identity theft or other fraudulent activities.

Marie Larsen
Marie is a writer for CIOs.com. She has an educational background in languages and literature. She covers IT trends and executive technology management topics for the company.