Healthcare Breaches on the Rise
Don’t shy away from this headline, healthcare businesses cannot put their head in the sand or look the other way when it comes to establishing a strong cybersecurity program. For many, the focus has been on HIPAA compliance. This consumes resources both in the workforce and funding. It has also provided incorrect assumptions that once it was “completed”, it was done. It also gave many a false sense of security that their business was now safe from cyberattacks or any type of compromise altogether.
Having a healthcare business that only focuses on HIPAA and not cybersecurity is like driving on a highway with only three inflated tires. You might get to where you want or need to be, but you’re putting yourself and others at unbelievable risk.
The U.S. Department of Health and Human Services (HHS) has a list of at least 125 healthcare organization breaches of electronic data since April 1, 2022. The total for the first five months of the year was 244, which is nearly double the same range of 2021’s 137 incidents. Critical Insight did a study in 2021 that analyzed HHS data from 2018 to 2021 and found that there was an 84% increase in the number of breaches on organizations in healthcare. If your business expenses rose by even half of that you would be infuriated and take action, yet many ignore this and continue with business as usual!
At first, it might seem like one thing, but after time and discovery, you realize it is so much more. Which was the case for Yuma Regional Medical Center. This Arizona facility initially thought that they were a victim of ‘just a data breach’. They then quickly uncovered a ransomware attack that exposed the data of 70,000 individuals.
Eliminate the Excuses
Even though the medical industry is known for being targeted by cybercriminals, there doesn’t seem to be an urgency to remove the excuses. Yet we continue to know common reasons ‘why’ that this is happening. Lack of funding, having an unclear path to resolution, lack of understanding…these are all connected to the overall lack of urgency, which needs to go away immediately. Many small businesses don’t recover from a data breach. Additionally, many healthcare providers work hard to keep their small businesses operating in the face of the larger conglomerates. It can feel like the odds are stacked against you. Don’t assume you aren’t going to be a target when larger enterprises could be a bigger payoff for a cybercriminal. That is also not true.
How To Resolve the Risk
As a small (or large) healthcare entity, you have options. Strengthen your HIPAA compliance program along with your cybersecurity program by working with a company like HIPAA Secure Now. We are one vendor with multiple solutions for your healthcare business. Don’t become a statistic but let us help you to overcome them!
Contact us today to look at the security gaps in your business and provide a plan to close them.