By Dr. Satyendra Kaith, Adjunct Faculty, School of Business and Information Technology
In October 2014, the National Cyber Security Alliance and numerous other champions celebrated the 11th year of National Cyber Security Awareness Month(NCSAM). However, if recent news regarding the massive wave of breaches suffered by Hollywood celebrities and retailing icons like Home Depot and Target is not alarming enough, consider the real danger that your own health data could be stolen by hackers. Let us consider some hard statistical facts.
According to an unclassified Private Industry Notification issued by Federal Bureau of Investigation, “Cyber actors will likely increase cyber intrusions against health care systems—to include medical devices—due to mandatory transition from paper to electronic health records (EHR), lax
For instance, the most notable among these reports is a SANS Institute report raising red flags on the security strategies and practices in health care, which are ill-equipped to handle new cyber threats, such as
A recent article in MarketWatch (Levin, 2014) notes that nearly half of identity thefts involve medical data. The article refers to a research finding by the Ponemon Institute revealing that since 2010, there has been a 100% increase in criminal attacks on health care organizations. The
Today’s rapidly changing IT network is more distributed and more virtual than ever, leading to more data stored on remote endpoints, such as laptops and smartphones, and increasingly accessed through collaborative cloud-based applications. No wonder more sophisticated malware is targeting these applications as ways to gain unauthorized access to sensitive information. Furthermore, mounting budget pressures are forcing organizations to look increasingly at more distributed, heterogeneous, and virtual computing alternatives in order to meet business objectives in a cost-effective manner.
In order to address these challenges, parties must collaborate and seamlessly share information to address IT risk and systems management requirements. Security experts recommend an integrated, end-to-end solution that combines best-of-breed endpoint security and operations functions, centralizes policy and event
According to a 2014 security forecast by Kroll Cyber Security, the data supply chain and the threat of malicious insiders will pose continuing challenges to hospitals this year. While organizations may have their own security in order, the same may not be true for the business associates who handle their data. “What we’re seeing in many cases is that as that data leaves the hospital it ends up in the hands of third parties that may not have the same stringent requirements as the hospital or health insurance plan. That is going to be a significant issue for the next few years,” said Tim Ryan, managing director and cyber investigations practice leader for Kroll (Due Diligence an IT Priority for 2014, 2014).
It is encouraging to learn that NCSAM has grown exponentially in the last 11 years, reaching consumers, small and medium-sized businesses, corporations, educational institutions, and young people across the nation. For more information on NCSAM events, ways to get involved, the NCSAM champion program, and additional resources, visit www.staysafeonline.org/ncsam.
In an encouraging development, the Privacy and Security Committee of Healthcare Information and Management Systems Society (HIMSS) is continuing
Transforming health care through technology requires continual joint efforts from the public and private sectors. I encourage readers of this article to find their niche and start contributing their ideas to HIMSS (www.himss.org) and to the national health care agenda for minimizing
Department of Justice, Federal Bureau of Investigation. (2014, April 8). FBI Cyber Division Bulletin: Health Care Systems and Medical Devices at Risk for Increased Cyber Intrusions. Retrieved September 10, 2014, from FBI: https://info.publicintelligence.net/FBI-HealthCareCyberIntrusions.pdf
Due diligence an IT priority for 2014. (2014). Healthcare Risk Management
ID Experts. (2014, March 12). Criminal Attacks on Healthcare Organizations Increase 100 Percent. Traverse City, Michigan: ID Experts. Retrieved September 10, 2014, from ID Experts: https://www2.idexpertscorp.com/knowledge-center/single/criminal-attacks-on-healthcare-organizations-increase-100-percent
Levin, A. (2014, March 18). Nearly half of identity thefts involve medical data. MarketWatch .
Lumension Security. (2014). Lumension® Endpoint Management and Security Suite. Retrieved September 22, 2014, from Lumension: https://www.lumension.com/endpoint-management-security-suite/overview.aspx