11 Million Patient Records Breached in One Month is Unacceptable

In August, more than 8.8 million patient and health plan member records were exposed as a result of data breaches. Here is a recap of the USHS cybersecurity report for in 8/2016 by Veracity Consulting’s Vice President of Technology, Amy Krohn:

August was a horrible month for data breaches, particularly in the healthcare industry. According to the latest installment of the Protenus Breach Barometer, the total number of healthcare records stolen or exposed this summer exceeds 20 million. The Breach Barometer shows that one of the most potent threats to healthcare data security are insiders or people that work for the healthcare providers. These individuals were responsible for causing approximately 43% of the data breaches reported in August 2016. Hacking was cited as a smaller cause, but was still a significant threat that could include anything from malicious individuals poking around in your systems to staged ransomware attacks. If you’ll recall, ransomware has become a hot button this year due to healthcare providers be held “hostage” by hackers until they pay for their systems to come back online. Ransomware was the second largest cause of breaches accounting for 29% of incidents.

Fortunately, we are doing better. Healthcare providers appear to be better prepared for breaches and are able to issue notifications well within the cybersecurity-rules-linkedintime frame allowed by the Breach Notification Rule.  But, 11 million patient records breached is far from acceptable. Companies must remember that each recorded breach is a hit to their bottom-line. Therefore, these types of threats must be dealt with quickly. Businesses need to stay ahead of hackers, keeping processes updated and communicating what security practices are acceptable for employees. This applies to all companies that deal with customer data, not just healthcare.  It is critical for companies to have plans in place to recognize attacks as they happen, as well as a plan for countering or stopping the attack. Last, companies need to hold a  review of processes post-attack. Now is the best time to audit your processes and infrastructure to insure that your vulnerabilities and weaknesses are protected. Engage the Veracity team to help you with infrastructure and cybersecurity assessments.

About Veracity Consulting

Veracity Consulting is a Kansas City-based technology firm with a reputation of implementing and managing IT solutions and business strategies. Our mission is to change the complex world of technology into a more efficient and profitable solution for businesses andvc communities. We use a collaborative approach with our clients to create and implement viable and relevant solutions.

We offer a comprehensive range of commercial and government solutions in the areas of Program Management, Data Services, Enterprise Architecture, Managed Infrastructure, Security, and Web Services.

About Amy Krohn

Amy Krohn has served as a leader in the technology industry for over 20 years.  Her areas of expertise include leading organizations and companies in executive leadership, strategic planning, enterprise architecture, as a mentor, leadership development, organizational change management, delivery management, vendor management, service management, and process improvements.  Amy currently serves as Veracity Consulting’s Vice President of Technology.

source: Department of Homeland Security, Protenus – june