Important Healthcare Cybersecurity Statistics All Clinicians Should Know [Infographic]
Healthcare technology is growing exponentially as clinicians realize the value of connectivity. But with this advancement comes new opportunities for cybercriminals. In 2017, there was a total of 477 healthcare breaches that impacted approximately 5.6 million patient records.1
On average, the healthcare industry allocates less than 6% of its overall budget to cybersecurity.2 Therefore, cybersecurity education plays a vital role in protecting healthcare organizations from data breaches.
What is Cybersecurity?
Cybersecurity is defined as the various techniques used to protect information systems from unauthorized users and malicious attacks. Cybersecurity in the healthcare industry is key as sensitive patient health information can be stored on computers and other medical devices.
What’s at Risk?
Medical records can be one-stop shops for cybercriminals because they contain patient health information (PHI) that can’t be deleted or easily changed, making them a valuable target. For example, patient health records can be sold for as much as $363 on the black market, which is more than any piece of information from other industries.3 Types of PHI that are valuable to cybercriminals include:
- Telephone number
- Social security number
- Biometric data
- Diagnostic images
How Is Patient Information Compromised?
Cybercriminals use a wide variety of tactics to acquire patient data. As a result, it is important for clinicians to be able to recognize and report threats made against an organization. Here is a list of common tactics employed by cybercriminals to acquire PHI:
- Disposal errors
- Privilege abuse
- Data mishandling
Impacts of a Data Breach
Currently, data breaches are costing the U.S. healthcare industry about $6.2 billion per year.5 In addition to the financial impact a data breach has on an organization, it can also result in a multitude of other adverse effects including:5
- HIPAA violation fines and other costs
- Business interruption
- Threats to patient safety
- Compromised EMR security
- Decrease in trust among customers
- Loss of customers
- Reputational damage
What Can You Do?
It’s important for healthcare organizations to implement security measures to safeguard both hardware and software from cybercriminals. Below are some important cybersecurity best practices to help protect your patients and organization:6, 7, 8
- Securing your connected medical devices via access controls (Ask your IT department how your hospital handles this today)
- Creating strong passwords using a combination of letters, numbers and symbols
- Accessing PHI through secure applications and web portals
- Logging out of devices and locking computers when not in use
- Backing up data in case information is compromised
- Participating in cybersecurity training to aid in threat detection and response
Cybersecurity is a growing component of patient safety, and it starts with you. Be sure to check out our helpful infographic that shares key healthcare cybersecurity statistics.