The healthcare industry has long been a top target for cybercriminals. According to a 2016 study from the Ponemon Institute, 89 percent of healthcare organizations have experienced a data security breach resulting in the loss or theft of patient information.

More importantly, the cost of a data breach for healthcare is more expensive than any other vertical — and the volume of breaches is expected to increase. For example, the rate of ransomware attacks against healthcare organizations is projected to quadruple between 2017 and 2020.

So, what’s causing this massive uptick in attacks?

More Data, More Problems for Healthcare Organizations

Data proliferation is one major culprit. According to the International Data Corporation (IDC), 60 percent of healthcare applications will collect real-time location data and clinical Internet of Things (IoT) device information by 2019. What’s more, more than 40 percent of healthcare organizations around the world will use IoT-enabled biosensors in the next two years.

Another factor is low cybersecurity spend. Healthcare organizations allocate less than 6 percent of their IT budget for security, according to 2017 research from Symantec and HIMSS Analytics, which is well below the industry average.

The sheer value of healthcare data is also driving the surge in attacks against the sector. According to the FBI, electronic health records are far more valuable to cybercriminals than financial information, Reuters reported.

A Data Security Breach Has Major Consequences

Given all these factors, the impact of this skyrocketing attack volume is far-reaching across healthcare organizations and the industry overall. For example, 49 percent of healthcare executives said cybersecurity challenges create potential roadblocks when it comes to mergers and acquisitions (M&A).

The most obvious consequence of a data security breach is the cost burden. According to the Ponemon Institute’s 2017 Cost of Data Breach Study, the average compromised healthcare record costs organizations $380 — that’s three times the global average across industries. In the U.S., organizations can face steep fines for violating the Health Insurance Portability and Accountability Act (HIPAA). While the $19 million in such fines reported by the Office of Civil Rights was down slightly in 2017 from the previous year, this is still more than three times what healthcare companies paid out in 2015, according to the Telebehavioral Health Institute.

In addition to the financial cost, a healthcare data breach can negatively impact an organization’s reputation. This is particularly worrisome since more than half of patients said they would change their healthcare provider following a breach, according to a 2015 survey from TransUnion Healthcare.

Strengthening the Security Immune System

Given the healthcare industry’s vulnerability and the dire consequences of a data breach, it’s no surprise that cybersecurity spending is forecast to exceed $65 billion over the next five years, according to a 2017 report from Cybersecurity Ventures.

Data proliferation has resulted in a staggering number of false positives and logs. This requires the use of artificial intelligence (AI) to respond to attacks in real time. The security immune system strategy offers a fully integrated approach to safeguarding your business and its IT environment.

The system is centered around an AI-powered core of security orchestration and analytics tools that continuously process the many risk variables across the entire ecosystem of connected capabilities. This powerful integration helps increase visibility into hidden risks that human analysts might otherwise miss.

Is your organization prepared to withstand a data breach? Join a complimentary on-demand HIMSS webinar to learn more.

Watch the on-demand webinar: Healthcare Cognitive Security

More from Healthcare

Why safeguarding sensitive data is so crucial

4 min read - A data breach at virtual medical provider Confidant Health lays bare the vast difference between personally identifiable information (PII) on the one hand and sensitive data on the other.The story began when security researcher Jeremiah Fowler discovered an unsecured database containing 5.3 terabytes of exposed data linked to Confidant Health. The company provides addiction recovery help and mental health treatment in Connecticut, Florida, Texas and other states.The breach, first reported by WIRED, involved PII, such as patient names and addresses,…

Ransomware on the rise: Healthcare industry attack trends 2024

4 min read - According to the IBM Cost of a Data Breach Report 2024, the global average cost of a data breach reached $4.88 million this year, a 10% increase over 2023.For the healthcare industry, the report offers both good and bad news. The good news is that average data breach costs fell by 10.6% this year. The bad news is that for the 14th year in a row, healthcare tops the list with the most expensive breach recoveries, coming in at $9.77…

Cybersecurity risks in healthcare are an ongoing crisis

4 min read - While healthcare providers have been implementing technical, administrative and physical safeguards related to patient information, they have not been as diligent in securing their medical devices. These devices are critical to patient care and can leave hospitals at risk for cyberattacks, causing major disruptions to patient care. In fact, 88 million individuals were affected by large breaches, compromising vast amounts of electronic protected health information (ePHI) last year according to the U.S. Department of Health & Human Services. This year,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today