The healthcare industry is worth $3 trillion in the U.S. alone, and it’s becoming the biggest target for hackers. HIPAA compliance is key to staying safe. Are you in danger?
Why is HIPAA compliance so important? Why do we have multiple articles written on the subject? Why do I think of hippos every time I read HIPAA? (Now you will too, probably!)
HIPAA Compliance is a big deal for anyone involved in the healthcare or health insurance business. According to the Identity Theft Resource Center, this past year healthcare entities accounted for 27.4% of reported data breaches. That means that more than 1 in 4 attacks were focused on stealing health records or hacking hospitals. If you have ever been a patient, or if your company hosts similar private information, you are at risk. Are you prepared?
Prnewswire.com said, “It’s clear that the healthcare industry is less prepared for HIPAA compliance than patients expect. HIPAA compliance, especially the Security Rule, has never been more necessary as the value of patient data continues to rise on the dark web.”
At the heart of HIPAA compliance is the need to keep valuable information safe. Medical information is 10 times more valuable than a credit card number on the black market, according to Reuters. The healthcare industry is worth $3 trillion in the U.S. alone, and it’s growing. The same Reuters article stated that because of the complexity and depth of medical information, so much more fraud is possible with it.
“The data for sale includes names, birth dates, policy numbers, diagnosis codes and billing information. Fraudsters use this data to create fake IDs to buy medical equipment or drugs that can be resold, or they combine a patient number with a false provider number and file made-up claims with insurers, according to experts who have investigated cyber attacks on healthcare organizations.” (Reuters)
Marc Probst, chief information officer of Intermountain Healthcare in Salt Lake City, said his hospital system fends off thousands of attempts to penetrate its network each week. So far it is not aware of a successful attack. “The only reason to buy that data is so they can fraudulently bill,” Probst said.
SecurityMetrics recently conducted a survey among healthcare professionals, analyzing various aspects of security for these companies, specifically focusing on HIPAA compliance. Here are some interesting stats from what they found:
- 26% of organizations do not conduct a formal risk analysis
- 16% of organizations report they send emails with unencrypted patient data
- Only 34% of organizations train employees on the HIPAA Breach Notification Rule
HIPAA compliance is extremely important and has become a valuable selling point for hosts and cyber security companies. If you have (or want) clients that are in the healthcare industry, you need to be HIPAA compliant. You’re painting a target on your back if not.
If you want to learn more about the details of compliance, or how to become compliant, check out our previous post about HIPAA here. If you are looking to invest in incredible cyber security products to keep your company safe, look no further than Fibernet and its suite of cyber security services.