2015 – A Transformational Year for Healthcare Security
When Anthem, the massive health insurance provider, announced a database breach compromising a possible 80 million records on Feb. 4, healthcare organizations around the nation asked ... How can we avoid a similar fate and be ready for what’s next?
Healthcare has surpassed retail as the sector with the highest number of reported breaches. Not only is patient data at risk, but intellectual property concerning drug discovery and medical devices in development is also attractive to would-be data thieves. It should come as no surprise that it was a healthcare giant that was targeted in this most recent attack.
The current trend toward targeting healthcare data ... and the sophisticated means available to access that information ... has everyone involved in the industry concerned. Cyber theft is the new breed of organized crime, comprised of large, international rings that profit from this illicit trade.
The black market for personal information is a thriving one. Anthem stolen data included: names, birthdates, Social Security numbers, and income. Just imagine how useful it would be to have annual income for each of the members whose records have been lifted? A simple sort by income could easily help the hackers target their most profitable victims.
To date, it appears that the data breached at Anthem does not include electronic protected health information (ePHI). This is good news, as patient data is a hot commodity on the black market, as well. But cyber thieves don’t need ePHI to commit medical fraud. All it takes is a person's name, Social Security number and date of birth to obtain medical care or purchase prescriptions ... and should the wrong information be posted to that person's medical records, the results could be catastrophic.
No one can ensure that their data is 100 percent safe. Anthem is a good example of this as they likely have a highly sophisticated control environment, yet they still fell victim to a serious breach. The latest information suggests hackers might have entered the system months before the company discovered the widespread breach. So what can we do to learn from Anthem as an industry at large to combat this threat?
Start today by:
tightening controls, monitoring systems, and developing comprehensive response plans.
The best way for to outsmart cyber thieves is to put network security best practices in place by using the same weapon they do — the inexplicable power of the human brain, working hard to get results.
Access information on best practices by clicking on Breach: Network Security Best Practices for Prevention, Detection, and Response to learn more about detecting when a breach has occurred, how the human factor impacts network security, and how to respond to network intrusions.