Ripple Effect of Healthcare Data Breaches

According to the HIPAA Journal, there is some good news: cyber crimes in the healthcare industry went down. A 5.71% reduction in reported breaches occurred from January to July 2022.

This means that some cyber strategies are working, but we must remain vigilant to deter ransomware groups. It’s important to note that the 10 biggest health data breaches reported to the federal government in the first six months of the year affected at least 500,000 people.

Below are some of the consequences data breaches have on the healthcare industry.

Risks to Patients

It’s often overlooked but cyberattacks pose serious risks to patients. What happens when a hospital goes offline after an incident?

Ambulances get diverted which can put patients at risk.

Important procedures like surgery, imagery and diagnostic services get delayed.

Patient care goes manual while systems are down, and patient records may be temporarily inaccessible.

Other hospitals in the area see an influx of patients, stretching their capacity.

Securing PHI

Most ransomware gangs target hospitals, health systems, physician practices, and insurers looking for

Protected Health Information (PHI). This data is stored in many different locations, not just in electronic medical record systems. Sensitive patient information is included in documents, spreadsheets, billing systems, email accounts, and many other locations. The most common entry point for breached data is network servers. Healthcare organizations need to find better ways to secure PHI. In 2021, 45 million individuals were affected by healthcare cyberattacks. (Source: Fierce Healthcare)

High Price Tag

Although cyber attacks in healthcare are down, it costs more for organizations to recover. According to a recent IBM report, the average healthcare breach costs $10 million, which is up 9.4% from the same timeframe in 2021. IBM asserts that the healthcare industry endured the highest breach-related financial damages during the last 12 years compared to other sectors. Covering cyberattack expenses are one of the factors related to soaring healthcare costs.

What Can Be Done

At the end of the day, it’s about building cyber resilience that feeds into your DR plan. A strong recovery component should be the cornerstone of your program. Look to Recovery Point for recovery solutions and work with us on:

Cybersecurity risk mitigation with our proven security framework

Cyberattack recovery solutions (Tier 1/2+, air-gap, award-winning Business Process Resilience)

We help clients fight ransomware attacks with our 3-2-1-1-0 backup strategy:

• 3 copies of data
• 2 different media types
• 1 offsite copy
• 1 air-gapped copy
• 0 errors with Recovery Point’s Managed Resiliency service