Cyber attacks and data breaches targeting healthcare organizations are not new, but over the past several years, the number of breaches has continued to rise. Whether the type of breach was a simple hack, theft, unauthorized access, malware, or someone misplacing a laptop, the number of affected individuals and associated costs are up. It is no secret that health records provide the most comprehensive data about an individual, which makes it one of the most attractive targets for scammers attempting to commit fraud, identity theft, or credit card scams. Is COVID-19 providing more opportunities for healthcare data breaches?
According to HHS, through August 31, 2020, there have been 305 data breaches. In comparison, for the same period in 2019, there were 136. So why the increase? The answer is not cut and dry, but some reasons could include:
- Remote Workers: A lot of people are now working remotely due to COVID-19, these individuals may not recognize an attempt to bypass security.
- The Need for Personal Protective Equipment (PPE): When PPE was in short supply, organizations had to reach to purchase, which potentially lead them to questionable websites with malware.
- More Online Data: Because of COVID-19, telehealth usage surged, and treatments for patients increased. This includes test results, lab results, vaccine testing, and more.
- Not Focused on Security: IT staff have been stretched thin, and their attention to usual cybersecurity may not be as high as it usually is.
As the COVID-19 pandemic continues, healthcare organizations should refocus their attention on security to ensure the safety of their patient’s data. Ensuring that multi-factor authentication is in place, retraining employees on best practices, and making sure that security measures are in place for new technologies are the main areas to focus on. Additionally, ensuring that you have a backup of all of your data on a separate network is essential in case of a data breach. When cyber attackers infiltrate an organization’s network, they usually demand a ransom bitcoin so it cannot be tracked. Having a backup of your system on a different network would allow for faster recovery and potentially the avoidance of paying a ransom.
Healthcare organizations must take security seriously at all times, but during the COVID-19 pandemic, it is even more critical. Cyber criminals may see organizations as more vulnerable during these times and try to take advantage. To avoid data breaches, stay vigilant and take precautions to avoid being another statistic for HHS.