REDWOOD SHORES, Calif., Aug. 20, 2015 /PRNewswire/ -- iSheriff, the industry leader in cloud-based Enterprise Device Security, today released The New Healthcare Crisis: Cybercrime, Data Breaches and the Risks to Patient Records, a new white paper revealing nearly 45% of Americans have had sensitive health information compromised via a cyberattack. In the past year, organizations such as UCLA Health Systems, Anthem, Premera, and CareFirst have announced major breaches, bringing the five year total to over 143 million compromised patient records (more than a third of a of 318.9 million Americans) according to the United States Census Bureau1 and the Department of Health and Human Services2.
"When more than forty percent of the U.S. population has been a victim of a data security breach, we must recognize this as an epidemic that can and will hit any healthcare provider," said Paul Lipman, CEO, iSheriff. "These breaches not only cost time and money, they risk compromised medical records that could impact health diagnoses and outcomes. Cybercrime is the new healthcare crisis."
iSheriff's analysis relies on publicly available information and may even understate the severity of the problem. Many organizations may not even realize they have been breached until months later. According to the Health Information Management Society (HIMSS) 2015 Cybersecurity Survey, 64% of healthcare organizations have experienced an external cyberattack during the last twelve months3. According to a report from Bloomberg News, 90% of all healthcare providers have been breached within the past two years4. More data breaches happen in the medical and healthcare industry than in any other sector, including financial, education, and government; according to the Identity Theft Resource Center, medical and healthcare sectors accounted for 46% of the reported breaches in 20145.
Criminals are targeting the healthcare sector because patient records are a tremendously valuable source of data. In fact, medical information has more lasting value than other types of information. A stolen credit card can be cancelled and fraudulent charges disputed, but resolving medical identity theft has no standardized remediation procedures.
Medical identity theft not only results in financial damage, but can impact health outcomes. If a stolen medical identity is used to receive care, the new data could alter or become integrated into the existing records and result in inaccurate diagnoses. Even after an error has been identified, medical privacy laws make it difficult to disentangle the fraudulent medical details from the legitimate information.
The iSheriff white paper highlights several factors responsible for the rise in healthcare breaches: (i) the threat environment is changing rapidly; (ii) point products create gaps in security posture; (iii) roaming users make the network porous; and (iv) healthcare providers face significant resource constraints. In addition, new healthcare IT initiatives promising to enhance the quality of care can increase information security risks – such as networked patient record keeping devices, internet-connected fetal monitors, electrocardiograms, temperature sensors, and an emerging wave of Internet of Things medical technologies.
Oscar Marquez, iSheriff's COO, concluded, "If Anthem – with annual revenues of over $60 billion – can be breached, the sobering reality is any healthcare organization collecting and storing patient data is vulnerable. The targets span the smallest physician practices, clinics, and labs to regional hospitals, HMOs and PPOS, and the largest national providers."
Click here to view the iSheriff white paper The New Healthcare Crisis: Cybercrime, Data Breaches and the Risks to Patient Records.
iSheriff is a leading cloud-based provider of Enterprise Device Protection to more than 3,000 organizations worldwide. The company's global cloud network, award winning security, and SaaS delivery model, provides a single security platform to protect all of an enterprise's internet-enabled devices – including laptops, servers, tablets, point of sale terminals, industrial equipment and "internet of things" technologies. iSheriff has been recognized by leading analysts and industry publications, including SC Magazine, Network Computing and IDC. Virus Bulletin's VB100 independent comparative testing named iSheriff the most effective solution against new and emerging malware.
For more information on iSheriff, please visit www.isheriff.com and follow the company on Twitter at @isheriffinc.
Gutenberg Communications for iSheriff
1 (U.S. Census Bureau, 2015)
2 (Secretary of Health & Human Services, 2015)
3 (Lofstrom, 2015)
4 (Pettypiece, 2015)
5 (Identity Theft Resource Center, 2015)
Identity Theft Resource Center. (2015, January 12). Identity Theft Resource Center Breach Report Hits Record High in 2014. Retrieved August 12, 2015, from Identity Theft Resource Center: http://www.idtheftcenter.org/ITRC-Surveys-Studies/2014databreaches.html
Lofstrom, J. (2015, June 30). HIMSS Cybersecurity Survey. Retrieved August 12, 2015, from HIMSS: http://www.himss.org/2015-cybersecurity-survey/executive-summary
Pettypiece, S. (2015, May 7). Rising Cyber Attacks Costing Health System $6 Billion Annually. Bloomberg Business, p. 1.
Rivera, J. (2014, November 11). Press Release: Gartner Says 4.9 Billion Connected "Things" Will Be in Use in 2015. Retrieved August 12, 2015, from Gartner Inc.: http://www.gartner.com/newsroom/id/2905717
Secretary of Health & Human Services. (2015). Breaches Affecting 500 or More Individuals. Washington D.C.: U.S. Department of Health & Human Services.
U.S. Census Bureau. (2015). U.S. and World Population Clock. Washington D.C.: U.S. Department of Commerce.