The pandemic brought to light the data protection issues in many industries, but particularly the healthcare industry. So, why are they becoming more common?
The number of Medicare and NHS data breaches is already high enough. That said, with track and trace, alongside the potential for COVID passports coming onto the scene, concerns are running high. After all, this extensive access to personal data poses a threat to the public in many ways.
The real question is, why is this data so valuable, and what are the reasons for healthcare breaches of data protection becoming more common? In this article, we’re going to take a closer look at these reasons to expose the truth.
Healthcare Data Breaches: the Statistics
According to the HIPAA Journal, who recorded healthcare data breaches from October 2009 to December 2020, there’s been a drastic increase as the years have gone on.
In fact, the amount of data breaches wherein 500 or more records were breached increased by 3567% between these years! The exact figures recorded were 18 in 2009 compared to 642 in 2020 – a truly shocking increase.
The Main Causes of Healthcare Data Breaches
The question is, how exactly does healthcare data become stolen? There are number of potential reasons, including:
- IT problems
- Misplacement of sensitive documents and files
- Theft of records
- Stolen devices, like laptops, containing sensitive files
- Improper disposal of records
- Unauthorised disclosure of information
In short, the two main causes are either failed technology or human error, caused by carelessness, maliciousness, or lack of training.
Why Are Healthcare Data Breaches Becoming More Common?
So, now we know the figures, as well as some of the main causes of healthcare breaches, why is this happening so much more these days? There are a number of reasons for this, including:
Increased Reliance on Technology
It’s no surprise that, as our world becomes more and more reliant on technology, so does our healthcare system. The Medical Futurist champions our current use of technology in healthcare, and insists that things can only go up from here.
Specifically, he says: “In medicine and healthcare, digital technology could help transform unsustainable healthcare systems into sustainable ones, equalize the relationship between medical professionals and patients, provide cheaper, faster and more effective solutions for diseases – technologies could win the battle for us against cancer, AIDS or Ebola – and could simply lead to healthier individuals living in healthier communities.”
However, one downside of this reliance is the risk of data breach. Technology is developing at such a rapid pace that systems and people can’t seem to keep up. Hackers tend to be one step ahead here, which often leads to malicious attacks.
Ultimately, the more we rely on this tech, the more likely these attacks will occur.
Outdated Security Software
Considering this rapid development, security software to protect sensitive data must consistently be updated. After all, older systems pose a number of problems, including:
- Prone to breakage
- Easier to exploit
- Harder to patch
What’s more, internal IT staff may be unable to improve and update these systems due to a lack of budget and tools to do so. Because of this, outdated systems are being relied on to protect the safety of data, leaving an open window for hackers and cyber criminals to peek inside.
Lots of Manual Work Involved
We’ve spoken a little bit about the risk human error plays in causing healthcare data breaches. This is compounded in the world of healthcare by the fact that much of the IT work needs to be done manually due to these outdated systems.
For example, when the IT team notice a gap in the network, patching this up must be done manually on every server. This takes a lot of time, and it’s highly likely that one or two may be missed along the way. Because of this natural human error, it’s much more likely that a breach will occur.
Remote and Hybrid Working
For those in the healthcare industry who aren’t in the field, and don’t deal with patients, working from home may well have been an option during the pandemic. For these people, dealing with patient records and hospital files is likely to be the norm.
That said, working from home posed a huge problem for data protection. From working on unsecure networks, to the potential for human error, to lack of face-to-face training, the reasons for this are endless.
What’s more, now that we’re moving more towards a hybrid working landscape, the risks are potentially even greater. With workers moving to and from the office, with sensitive documents and work laptops in tow, human error data breaches are to be expected.
There is Value in Healthcare Data
Although healthcare data is currently less valuable than stolen financial records, that’s not to say they’re not valuable at all. Because financial data can quickly become unusable once it’s stolen due to people acting on the theft, the same can’t be said for stealing patient data. After all, access to patient information can allow cyber criminals to steal identities without the knowledge of said individual.
What’s more, many healthcare professionals believe that health data will soon “surpass financial data in value on the black market”! It’s certainly a useful sector for criminals.
It’s Not Just Patient Data
Although a data breach might conjure up ideas of patient information being stolen, there is also the much more sought-after issue of pharmaceutical and biotech intellectual property being stolen.
Much like all Sci-Fi movies warn, biotech information, like DNA and genetics, is extremely valuable. Why knows what sort of havoc could be reeked on us all with this in the wrong hands.
The Future of Healthcare Data Isn’t Looking Good…
As you can tell from this article, the future of the safety of health data isn’t looking good. The truth is that the value of this type of data, alongside the changing technology and working landscape, means it’s certainly tricky to protect.
With this in mind, it’s important healthcare professionals understand the importance of protecting sensitive data. It’s also wise to start training employees to deal with data responsibly, and to handle the technology, to avoid as many breaches as possible.
What are your thoughts on this growing problem? Be sure to keep the discussion going in the comments down below!
- Chris Liverani, https://unsplash.com/photos/dBI_My696Rk
- National Cancer Institute, https://unsplash.com/photos/NFvdKIhxYlU
- National Cancer Institute, https://unsplash.com/photos/L8tWZT4CcVQ