Of the 1,579 data breaches reported and/or discovered last year, 27% targeted the healthcare industry. Why is the sector such a large target? Monetary value of course: According to Reuters, personal medical information is 10 times more valuable on the black market than credit card information.
Medical fraud, which is only increasing due to the rise in medical data breaches, costs victims an average of $13,500 per incident and can often go unnoticed for months, if not longer. Additionally, there are no legal or regulatory consumer protections currently in place to protect victims against medical fraud and, in some instances, victims can be denied healthcare insurance and benefits once they become a victim. Perhaps the biggest threat of these data breaches however, is that inaccurate and mixed information can be contained in a single person's medical records. Given different blood types, allergies, deficiencies, this can be a potentially deadly issue.
So how can your institution protect your patients? It all comes down to spending the time and funds necessary to adequately train your employees in cybersecurity best practices. These include:
Recognizing, avoiding and reporting phishing scams
Only keeping physical copies of patients records when absolutely necessary
Protecting digital files and records
Connecting only information that is needed
Properly disposing of physical records as soon as they are no longer needed
Finally, Paige Schaffer, President and CEO of Generali Global Assistance’s Identity and Digital Protection Services Global Unit, recommends institutions implement (or outsource) a full-service medical identity theft and fraud resolution that includes services surrounding prevention, monitoring, alerts, and resolution.