An article over at eWEEK takes a look at the Community Health Systems’ (CHS) 4.5 million patient record breach. The message of the article is that the healthcare industry spends the least on protecting data and is the most susceptible to data breaches.
Some highlights of the article include:
The health care industry has given short shrift to IT security, spending less on protecting its systems and data than most, if not all other, industries, as measured as a percentage of the overall IT budget. And data from firms that track threat intelligence shows that signs of breaches are rampant in the health care industry.
Over the last 10 months, for example, security firm Websense has seen attacks on health care-related firms increase by 600 percent, according to Carl Leonard, senior manager of security research for the company.
“It doesn’t bode well,” Stephen Boyer, CEO of BitSight, told eWEEK. “Security is not a high priority inside of these organizations.”
Boyer pointed to the lack of some basic protections and the relatively low pay for security professionals in the health-care industry as indicators that health care firms have not invested in their IT security.
The CHS breach and the fact that over 30 million patient records have been breached since 2009 should be a wake-up call for the healthcare industry.