Is Your Healthcare Organization Prepared to Withstand a Data Security Breach?

The healthcare industry has long been a top target for cybercriminals. According to a 2016 study from the Ponemon Institute, 89 percent of healthcare organizations have experienced a data security breach resulting in the loss or theft of patient information.

More importantly, the cost of a data breach for healthcare is more expensive than any other vertical — and the volume of breaches is expected to increase. For example, the rate of ransomware attacks against healthcare organizations is projected to quadruple between 2017 and 2020.

So, what’s causing this massive uptick in attacks?

More Data, More Problems for Healthcare Organizations

Data proliferation is one major culprit. According to the International Data Corporation (IDC), 60 percent of healthcare applications will collect real-time location data and clinical Internet of Things (IoT) device information by 2019. What’s more, more than 40 percent of healthcare organizations around the world will use IoT-enabled biosensors in the next two years.

Another factor is low cybersecurity spend. Healthcare organizations allocate less than 6 percent of their IT budget for security, according to 2017 research from Symantec and HIMSS Analytics, which is well below the industry average.

The sheer value of healthcare data is also driving the surge in attacks against the sector. According to the FBI, electronic health records are far more valuable to cybercriminals than financial information, Reuters reported.

A Data Security Breach Has Major Consequences

Given all these factors, the impact of this skyrocketing attack volume is far-reaching across healthcare organizations and the industry overall. For example, 49 percent of healthcare executives said cybersecurity challenges create potential roadblocks when it comes to mergers and acquisitions (M&A).

The most obvious consequence of a data security breach is the cost burden. According to the Ponemon Institute’s 2017 Cost of Data Breach Study, the average compromised healthcare record costs organizations $380 — that’s three times the global average across industries. In the U.S., organizations can face steep fines for violating the Health Insurance Portability and Accountability Act (HIPAA). While the $19 million in such fines reported by the Office of Civil Rights was down slightly in 2017 from the previous year, this is still more than three times what healthcare companies paid out in 2015, according to the Telebehavioral Health Institute.

In addition to the financial cost, a healthcare data breach can negatively impact an organization’s reputation. This is particularly worrisome since more than half of patients said they would change their healthcare provider following a breach, according to a 2015 survey from TransUnion Healthcare.

Strengthening the Security Immune System

Given the healthcare industry’s vulnerability and the dire consequences of a data breach, it’s no surprise that cybersecurity spending is forecast to exceed $65 billion over the next five years, according to a 2017 report from Cybersecurity Ventures.

Data proliferation has resulted in a staggering number of false positives and logs. This requires the use of artificial intelligence (AI) to respond to attacks in real time. The security immune system strategy offers a fully integrated approach to safeguarding your business and its IT environment.

The system is centered around an AI-powered core of security orchestration and analytics tools that continuously process the many risk variables across the entire ecosystem of connected capabilities. This powerful integration helps increase visibility into hidden risks that human analysts might otherwise miss.

Is your organization prepared to withstand a data breach? Join IBM for a complimentary HIMSS webinar on June 19, 2018 at 8 p.m. EST.

Register now for the June 19 webinar: Healthcare Cognitive Security

Share this Article:
Salwa Rafee

Healthcare & Life Sciences Security Business Leader, IBM

Salwa is an innovative and transformational healthcare leader, with over 20 years of progressive leadership roles in strategy planning, eHealth innovation, consulting services and complex program management with a firm commitment to delivery excellence. She helps her clients achieve the highest ROI in technology and clinical value, with a great focus on cybersecurity for healthcare - leveraging growth areas such as cognitive computing, big data, clinical workflow, cloud adoption, mobile health, clinical genomics and digital business to bring the best industry cross-brand solutions to market. She works with providers, payers, life sciences organizations, academia and research centers to deliver customized solutions in different economies and supports patient safety, privacy, clinical guidelines, compliance and standardization. Salwa is the security business leader for healthcare with IBM, managing its global business with the public sector team.