It’s a troublesome time for the healthcare industry: Personally Identifiable Information (PII) is under siege and hospitals are big targets for cyber attacks.
The number of security breaches reported to the UK Information Commissioner’s Office (ICO) rose from 1,089 between April 2014 and March 2015 to 2,048 over the 12 months ending March 2016. This was driven primarily by data disclosed in error (e.g. accidentally emailing a customer database to the wrong recipient, as in the extreme case of WHSmith) and by incidents where hackers broke through organisational defences.
On the black market a single record can be worth between £50 and £300. Patient safety is easily compromised, which can endanger life.
Healthcare organisations reported the highest volume of incidents to the ICO, with 941 recorded breaches.
Healthcare records are 100 times more valuable than stolen credit cards, and according to Experian Global Information Services, Electronic Health Records are worth 10 times more than credit card numbers.
The findings indicate that many healthcare organisations and their third parties (business partners or commercial third parties) are negligent in the handling of sensitive patient information.