Recent reports show that IT security issues will still be on the horizon for the healthcare industry in 2015.
- As the healthcare industry looks ahead to 2015, it’s important that IT security remains a top priority. With more organizations implementing mobile options, such as secure messaging services and BYOD capabilities, it is critical for healthcare facilities to have capable security and privacy measures.
Moreover, recent studies show that health data breaches are on the rise, and there is a particular risk when it comes to mobile devices.
Ninety percent of Android healthcare/medical applications have been hacked, according to Arxan Technologies’ third annual “State of Mobile App Security Report.” Of those apps, 22 percent were approved by the Food and Drug Administration (FDA).
In comparison, none of the healthcare/medical apps through Apple were hacked, according to the report. Overall, Arxan showed that free app downloads are forecasted to increase at a rate of 99 percent, reaching 253 billion downloads in 2017. Paid app downloads are projected to reach almost 15 billion, a 33 percent increase by 2017.
With that information, healthcare organizations should ensure that employees are only using secure applications on devices that also access patients’ protected health information (PHI). Additionally, any communication on mobile devices should be done in a HIPAA-compliant matter. This also includes ensuring that devices are encrypted and not left in exposed areas.
Another recent report found that healthcare data breaches are on the rise. There are now more access points to PHI than ever before, and IT security needs to keep pace accordingly, according to Experian’s second annual “Data Breach Industry Forecast.”
Additionally, the growing popularity of wearable technology makes the healthcare industry a vulnerable and attractive target for cybercriminals, Experian explained in a statement.
“The growing number of vulnerabilities and the sheer size of the healthcare industry led to an increase in widely publicized security incidents this year, representing about 42 percent of all major data breaches reported in 20141,” said Experian Data Breach Resolution Vice President Michael Bruemmer. “We expect this number will continue to grow until the industry comes up with a stronger solution to improve its cybersecurity strategies.”
The potential cost of healthcare data breaches could soon be as much as $5.6 billion annually, the report found.
Overall, healthcare organizations must increase their IT security, especially in terms of data breach preparedness. Otherwise facilities will have to face the aftermath from federal regulators, according to the report. Health IT security incidents will likely continue to increase as EMRs and consumer-generated data add vulnerability and complexity to healthcare security considerations.
Medical identity theft is also a growing concern, according to Experian. The report cited data that showed more than 1.8 million individuals in the US have been victims of medical identity theft. PHI can provide cybercriminals with a much bigger payout, which is why they will continue to try and capitalize on the healthcare industry.
Earlier this year, Reuters reported that an individual’s medical records are worth 10 times more than his or her credit card number on the black market. Names, dates of birth, policy numbers, diagnosis codes and billing information can all help criminals can create fake IDs to buy medical equipment or drugs that can be resold, explained the news source.
Health IT security issues are likely not going to disappear with the start of a new year, but healthcare facilities can take key steps in mitigating as much risk as possible. What are some of the best ways for facilities to protect PHI? Let us know in the space below.