91 Million HIPAA Data Breach Victims Reported in Last 3 Months
The healthcare industry now has to fend off a concerted wave of attacks by cybercriminals looking to obtain the ultimate prize; tens of millions of healthcare records; each worth up to £1000 on the black market. This year hackers have stolen the data of over 91 million patients and health plan members. To put this into perspective, more records have been stolen by thieves – or have otherwise been exposed – in the first three months of 2015 than were compromised in the whole of 2013. In fact, there have been more than 16 times as many breach victims reported this year than there were in the whole of 2013. The total number of individuals affected by breaches in the past 8 years is 120 million. To put that figure in context, 120M is a third of the population of the United States, and 76% of these individuals have only become victims this year. While lost laptops, data sticks and unencrypted Smartphones have caused a number of breaches in recent months, there is now a new front that healthcare providers and insurers must defend. Their servers and email accounts, which are increasingly...
Mobile Devices Under HIPAA Rules: Will Geofencing Boost Data Security?
Making healthcare mobile devices secure is a challenge faced by all healthcare providers. It is essential, under HIPAA Rules, to ensure that all medical devices – and the data they contain – are safeguarded and protected against misuse. However, the view from IT professionals is that device users are not being as careful as they should be. According to a recent Cisco Systems report, IT professionals believe that employees are engaging in highly risky behaviors that are potentially putting personal and healthcare data at risk. The report indicates that 70% of IT professionals believe that data breaches have been caused by the use of unauthorized programs in more than 50% of cases. The survey also indicates that 44% of employees are sharing work devices against company policies, while almost four out of 10 respondents have said that they have had to deal with employees who have accessed parts of a network that they were not authorized to enter. Perhaps even more worrying is the fact that 46% of employees admitted to transferring data from a work device to a personal computer to allow...
HIPAA Warning: Health Insurers Must Conduct A Full IT Security Audit
A HIPAA data breach affecting 150,000 individuals is shocking. A breach involving 11 million individuals is astonishing. Both incidents have occurred this month, with the latest mega data breach affecting almost three times the number of individuals as the Community Health Systems data breach of last year, making it the largest healthcare data breach of all time, eclipsing the Tricare breach of 2011 that exposed 4.9 million records. It is clear that the healthcare industry has now entered a new era, where companies are being targeted by criminals who are looking to steal data on a monumental scale. Health insurers make attractive targets as they hold the personal information, health data and Social Security numbers of tens of millions of consumers and in many cases, network security measures are not particularly robust. Huge Rewards for Hackers According to a recent report issued by Price Waterhouse Coopers – Managing cyber risk in an interconnected world: key findings from the Global State of Information Security – the value of data is considerable. The report states that “A...
Data Breach Security Bill Criticized for Lack of Privacy Safeguards
The Data Security and Breach Notification Act – commonly referred to as the Data Breach Security Bill – was announced by President Obama earlier this year at the State of the Nations address. Last week the new bill was introduced, with the Subcommittee on Commerce, Manufacturing, and Trade having held a meeting yesterday to discuss the new bill. The aim of the bill is to improve cybersecurity measures throughout the United States and introduce new standards to protect the privacy of consumers. The new legislation was deemed necessary, as while there are numerous pieces of legislation covering data privacy and security, according to Vice Chairman of the House Energy and Commerce Committee, Marsha Blackburn, and Rep. Peter Welch, the new bill will “”replace the current patchwork of laws” and introduce a single, national standard to protect the sensitive data of all consumers. According to a statement released by Blackburn, “This bill will help enhance the security of sensitive information and provide much needed clarity by creating a national standard and ensure that consumers are...
How To Strengthen Defenses Against HIPAA Data Hacking
The large scale data breaches that affected Anthem and Premera Blue Cross this year – and Community Health Systems in 2014 – are a sign of things to come. Healthcare providers, insurers, healthcare clearinghouses and healthcare business associates must face up to the fact that the game has now changed, and cyber attacks are now an inevitability, not just a possibility. Criminals have previously concentrated on obtaining credit card numbers to commit fraud, although following the major breaches of last year at Target and Home Depot; action is being taken by the retail industry to implement new safeguards and protect consumer data. As the $7 billion retail industry improves defenses, hackers are turning to other less protected industries and the healthcare sector is the prime target. Thieves are now concentrating on obtaining Social Security numbers to sell on the black market. These numbers, especially when accompanied by healthcare data and other personal identifiers, can be used to commit identity and medical fraud, allowing criminals to commit millions of dollars of identity...



