When PHI is exposed, patient lives and the provider’s business can hang in the balance.
Healthcare information is everywhere today, and it’s a boon to patients and providers alike. Electronic health records allow a primary care physician to quickly send information and consult with a specialist, or send the patients copies of their own records. Information flows quickly from healthcare providers to payers, speeding processing. Health information exchanges (HIEs) allow doctors to securely share patient information and allow healthcare agencies to track and respond to emerging health threats and to analyze outcomes in search of improved treatment options. Cloud computing helps lower IT costs for healthcare organizations and concentrate on their primary mission. And now a universe of devices from tablet computers to medical implants and even Fitbits and Apple watches are recording health data and transmitting it over the Internet.
Free-Flowing Healthcare: The Downside of Digitization
The downside of medical data everywhere is that medical data is everywhere; and presents a huge attack surface for cyber-thieves.
In March 2015, the Washington Post reported the U.S. Department of Health and Human Services (HHS) figures showing that the protected health information (PHI) of more than 120 million Americans had been compromised in data breaches since 2009. Since then has come news of the Excellus BlueCross BlueShield data breach affecting 10.5 million people; the Premera breach (exposing up to 11 million people); the Office of Program Management breach (affecting up to 21.5 million people); and the UCLA healthcare breach (affecting up to 4.5 million people). In total, the PHI of as much as half the U.S. population has been compromised
Tip of the Iceberg
The healthcare data breaches in the news these days are the results of cyber-attacks. What is the motive behind these attacks, and what is happening to these medical records? There are a number of answers.
There are myriad possibilities for using PHI stolen in large-scale cyber-attacks, and many more when you include the complex web of mobile computers, medical devices, and cloud computing services that make up today’s medical computing infrastructure. No wonder so many patient records have been compromised.
Click here to read the full blog.
September 15, 2015 by ID Experts