The global pandemic has put pressure on health systems and hospitals to stay on top of their security practices. It is of no surprise that cyber security breaches hit a record high in 2021, exposing sensitive patient information according to a report by cybersecurity company critical insights. IT departments need to get involved to prepare for any undesirable circumstances.
Data breaches in the healthcare sector
Breaches have become common in the US healthcare sector. Hackers are taking advantage of the vulnerable situation due to the pandemic. There are three types of data breaches namely, physical breach, electronic breach, and skimming. As more and more hospitals have deployed Electronic Medical Records (EMR) Software solutions, patients fear that their personal health information is at risk from phishing and malware attacks.
Recent data security breaches
Following healthcare organizations have experienced data breaches in 2022. The breaches mentioned below will tell how the cybersecurity attack happened and what organizations can do to protect valuable patient data.
Val Verde Regional Medical Center
The Val Verde Regional Medical Center (VVRMC) located in Del Rio, Texas experienced a data security breach that affected 86k individuals. The data security episode messed up the medical center’s system in March 2022.
How did the breach happen?
A digital forensics firm was engaged by VVRMC that discovered that an unauthorized party got access to important information such as patient names, addresses, social security numbers, and medical record numbers.
All Well Behavioral Health Services
Ohio-based All Well Behavioral Health Services suffered a data security incident this March. Once the data breach incident was found All Well Behavioral Health Services took proactive steps to upgrade its computer systems and information technology. This will help to offer greater security against access to unauthorized users.
How did the breach take place?
All Well found out that an unauthorized party had gained access to its computer system. The system had quality assurance information stored. An investigation was conducted which revealed that the party got hold of files containing client information.
BJC Healthcare
BJC Healthcare disclosed an email breach that impacted a lot of patients. The email security incident made the hackers access BJC physician emails containing patient information related to patient names, treatment locations, and health insurance information. The healthcare organization has secured and encrypted its accounts to prevent such an event in the future.
Recommendations
To improve network security by healthcare organizations it is crucial to deploy an EHR software system that is HIPAA compliant to ensure the safety of patient data round the clock. Data breaches can also be reduced by training on proper usage and handling of PHI.
