Security Awareness, a Permanent Concern in Healthcare, Requires Training
June 17, 2016
A dark room is interrupted by a dim green haze. A computer screen illuminates someone madly working at a keyboard. His mannerisms suggest great urgency if an objective isn’t met in time. The screen shows a digital chaos of number sequences and password requests. As each second passes, the level of urgency escalates until finally the screen goes blank, giving way to an immediate calm. He’s in.
Sounds familiar, right? This scene occurs in every hacker movie ever made. The dynamic music and exaggerated production paint a picture that we know more times than not isn’t true. Or is it? The scene in reality may look a little different, but the result is shockingly similar—People are attempting to hack into your organizational and patient data often. Very often.
Learn more about security awareness in this free infographic.
Some Statistics on Healthcare Hacking
- 48% of healthcare organizations experienced a security incident involving the loss or exposure of patient data in the past 12 months. 1
- On average, a facility will have to protect against 11.4 cyber-attacks per year. 1
Considering that those numbers are more than double what they were in 2010, the healthcare industry has passed the “if” stage of cyber-attacks and is now asking “when.” And, it’s no surprise cyber criminals have adjusted their targets. With patient records fetching 50 times more money on the black market than financial data and only 33% of healthcare facilities reporting their current cyber security posture as “very effective,” hackers have all the incentives in the world to breach your cyber defenses and steal patient data.
The Effects of Healthcare Hacking
The effects of a security breach reach far beyond a negative headline in the local paper. The cost of being unprepared for cyber-attacks can be crippling in an industry with razor-thin margins. So you’re probably wondering, how bad can it get in terms of dollars and cents?
- The average data breach costs an organization $2.1 million dollars to correct. 1
- Quick math: take the number of patient records your organization has and multiply it by $363. That’s the cost PER patient record to remedy the breach.1
So what’s the solution? How can these cyber-attacks be stopped before it’s too late? The answer starts with training your staff on the security threats facing them on a daily basis. It’s not an easy task considering the habits we have when using our phones, laptops, or other devices—but it is necessary. Cyber criminals depend on our lack of attention to detail when deploying phishing scams. Improper encryption and storage opens the gate to ransomware and viruses. Even our personal social media interactions can seed a vicious cycle of data breaches.
Organizations must prepare for current threats and establish a protective foundation against those to come. Doing so starts with a plan whose core element needs to be education for your staff. HCCS has developed the Security Awareness in the Healthcare Setting course to provide a baseline understanding about the current security threats facing your organization.
To learn more about cyber security and how to incorporate HCCS’s Security Awareness course into your security plan, please visit www.hccs.com/prepare.
1 Ponemon Institute: The State of Cybersecurity in Healthcare Organizations in 2016, http://cdn5.esetstatic.com/eset/US/resources/docs/white-papers/State_of_Healthcare_Cybersecurity_Study.pdf?elq_mid=1633