Data breaches cost the healthcare industry an estimated $5.6 billion annually. This isn't surprising since 90% of healthcare organizations reported at least one data breach in the past 2 years - and 38% reported more than 5. We talked last week about the value of breached data, and how healthcare records can go for at least 10 times as much as credit card data on the black market. Just why is this?
According to a Forrester Report, Stolen and Lost Devices are Putting Personal Healthcare at Risk, a single health record can be sold on the black market for $20, while a complete patient dossier (including driver’s license, health insurance information and other sensitive information) can fetch over $500. The cost of healthcare data breaches could hit $5.6 billion in 2015, including such costs as compliance fines, lawsuits, as well as costs associated with data breach notification and loss of consumer trust.
Employee negligence is a major risk for healthcare organizations, with this risk only being fueled by BYOD. Theft and loss of devices is the most common cause of data breaches, according to research into the data breaches reported to the Office of Civil Rights (OCR) over the past 5 years. With the growing number of access points (i.e. devices) that access protected health information (PHI) and other sensitive information, as well as other trends such as BYOD and the IoT, the healthcare industry is an attractive target for cybercriminals.
Diligent IT departments ensure that technology is in place to diminish the risk of lost or stolen data. Data and device encryption is the first line of defence but it is not the final cure. However, encryption can be bolstered by a persistent security and management solution. Patented Persistence technology by Absolute offers IT a trusted lifeline to each device in their deployment, regardless of user or location. IT administrators can receive encryption status reports, monitor potentially suspicious devices, and remotely invoke pre-emptive or reactive security measures such as device freeze, data delete or data retrieval
For more on healthcare data protection, we invite you to visit our website or view our webinar on Healthcare Data Breaches - Lessons Learned. The webinar discusses how to identify holes that leave you open to a data breach, key steps to ensure preparedness, how to build a data breach response plan and important first steps in the face of a security incident.