November 09, 2023
The healthcare and public health sector continues to face rising data breach costs, up to USD 10.93 million globally as organizations bear direct costs to investigate, contain and pay regulatory fines as well as indirect costs related to loss of trust and patient churn. As the compliance landscape continues to evolve, with new revisions to HIPAA, revisions to CFR 21 Part 11, state privacy laws, and even upcoming changes to PCI DSS, healthcare organizations must also navigate new requirements to protect data, systems and services.
In a recent example, Atlanta-based Managed Care of North America (MCNA) Dental exposed the data of nearly 9 million patients, with exfiltrated data leaked to the dark web by the LockBit ransomware group. Mid 2023, HCA Healthcare also announced a breach impacting as many as 11 million patients across 20 states.
Increasingly, malicious actors are targeting healthcare organizations with the intention to disrupt or hold medical records hostage, a tactic that increases pressure to pay a ransom in order to ensure patient safety and care delivery. Today, organizations fall victim to a ransomware attack every 11 seconds—by 2031, it will be every 2 seconds. While 42% of healthcare organizations pay a ransom to recover data, the confirmed amount of data being compromised by ransomware in healthcare continues to rise.
Today, it takes an average of 277 days to identify and contain a data breach—204 days to identify and 73 days to contain. The takeaway here for healthcare organizations is not only the need to reduce risk of attack and breach with improved cyber hygiene practices, but also to reduce mean time to response after incidents are detected. How a healthcare organization responds to a data breach can have a significant impact on both cost and consequences, including reputation and compliance penalties.
As in every organization, the shift to remote work and growing supply chain vulnerabilities have reinforced that perimeter-based security controls are no longer enough. Effective handling of a healthcare data breach begins by acknowledging the new software-defined perimeter and the need for Zero Trust and better visibility over endpoints, in order to improve detection and response activities.
Recognized as a global standard for cybersecurity practices, the National Institute of Standards and Technology has created several guides to assist healthcare organizations in complying with HIPAA and in mapping these to the widely-accepted NIST Cybersecurity Framework (CSF). Response is one of the five pillars of the CSF, guiding organizations on the appropriate steps to take if a cybersecurity incident is detected to help contain the impact of the incident.
Further, NIST breaks down the Response activities into five sub-actions:
However, when a cyber attack does occur, activities will be hyper-focused on steps 2 through 4, where the actions taken can be the difference between a simple security incident and long-term reputational and financial damage. Therefore, we’ve broken down these steps even further, helping healthcare organizations develop a clear, 6-step plan for effective data breach response.
Outlined in our Effective Healthcare Data Breach Response whitepaper in detail, these steps include:
Implementing a comprehensive, risk-based compliance strategy is pivotal for healthcare organizations that know compliance alone doesn’t equal protection and that today’s era of care demands more. Absolute is uniquely positioned to help healthcare organizations across all five pillars, providing an unbreakable connection to endpoints to help quantify risk, ensure the security controls in place are resilient, respond quickly, and recover faster.
Get the NIST Cybersecurity Framework Evaluation Guide here.
Learn more about Absolute's security solutions for healthcare here.