Report: Healthcare hacks “likely to increase in frequency” in coming years

Healthcare information security

Malicious hacking poses a grave threat to healthcare providers, and the likelihood of being targeted may be increasing in coming years, according to an audit by technology security firm Redspin.

Hacking-related incidents represented about 6% of all reported healthcare data breaches from 2009 to January 2013, but that figure is projected to grow, Redspin researchers said.

"We expect that the low incidence rate of hacking during the past few years was the calm before the storm," according to the report. "Personal health records are high value targets for cybercriminals as they can be exploited for identify theft, insurance fraud, stolen prescriptions, and dangerous hoaxes."

The researchers called on healthcare providers to "up their game" in terms of security defenses for sensitive records, pointing to the high-scale theft of medical records from the Utah Dept. of Health.

Last year criminal hackers from Eastern Europe exposed around 780,000 patient medical records, including social security numbers and other personal information, from a database of Medicaid and Children’s Health Plan recipients. The incident, the largest healthcare data breach of 2012, resulted in the firing of the state IT director, according to the report.

The state further responded by proposing a new bill that would require certain security "best practices" are put in place, mandating an audit of the state health department’s security every 2 years.

Redspin researchers noted that the overall health security outlook had improved from 2010 to 2012, with fewer incidents reported and fewer patient records exposed, but the number of "large" breaches, defined as those affecting 500 individuals or more, had increased nearly 21%.

In total the report noted 538 reported breaches of protected health information from August 2009 to January 2013, exposing a total of more than 21.4 million patient records. About ⅔ of those incidents involved theft or loss.

The breaches represent a risk to patients and to healthcare institutions, but Redspin researchers noted another victim: electronic medical records.

"Data breaches can cause significant financial harm, reputational damage, and loss of consumer confidence. In healthcare, that risk is not limited to an individual hospital or business associate," the researchers noted. "It is an industry-wide threat to the continued adoption of electronic health records – the foundation for improving cost efficiency, care delivery, and patient outcomes within the U.S. healthcare industry."

RSS From Medical Design & Outsourcing

  • Saelig presents new Amplicon Impact-R 1100F series computer
    Saelig Company announces the Amplicon Impact-R 1100F series, a fanless system powered by the Intel ATOM D2550 processor. Configured with a high performance 2.5 in. MLC Solid State Drive (SSD), the Impact-R 1100F series is a silent controller system. With options for multiple serial communication ports, the Impact-R 1100F can offer up seven DB9 connections […]
  • Gerresheimer to acquire Centor
    Gerresheimer AG, a partner to the global pharmacy and healthcare industry, will further extend its pharmaceutical packaging business with the acquisition of Centor. Gerresheimer has reached an agreement with Nemera Development S.A. to acquire 100% of the share capital of Centor US Holding. “Centor is the highly profitable market leader for plastic vials and closures in […]
  • Methods Machine Tools presents the new Nakamura-Tome NTRX-300
    Methods Machine Tools, a developer of precision machine tools and automation, has introduced the new Nakamura-Tome NTRX-300, a multitasking turning center featuring complete parts machining in one operation, with a built-in load and unload automation system and advanced operator recognition management software. The NTRX-300 features true opposing twin spindles: an 8 in. A2-6 25 HP or […]
  • MSC Apex Diamond Python and Smart Midsurface speeds modeling to validation
    MSC Software announced a new release of MSC Apex, the company’s award-winning next generation Computer Aided Engineering (CAE) platform. The MSC Apex Diamond Python release introduces: · The fourth release of MSC Apex Modeler is a CAE Specific direct modeling and meshing solution that streamlines CAD clean-up, simplification and meshing workflow. New in this release is […]
  • Quality Metrics: FDA’s plan for a key set of measurements to help ensure manufacturers are producing quality medications
    Editor’s Note: This article is written by Ashley Boam and Mary Malarkey from the “FDA Voice” blog. Boam is an FDA’s acting Director of the Office of Policy for Pharmaceutical Quality, the Office of Pharmaceutical Quality and the Center for Drug Evaluation and Research. Malarkey is an FDA’s Director if the Office of Compliance and Biologics Quality […]
  • MasterControl’s CEO talks EQMS software and new partnerships
    MasterControl offers a quality and compliance software that helps device companies speed time to market and improve their bottom lines. Under Jon’s leadership, the company has blossomed into a market leader and has a unique corporate culture that fosters growth, excellence and quality. In this podcast, MasterControl’s CEO, Jon Beckstrand, will discuss electronic quality management […]
  • BIT Group launches white label IVD solutions
    BIT Group has launched a product line of customizable IVD white label instruments. During recent years, BIT has invested capital and resources developing customizable, ready-to-use IVD systems to address a growing demand. “The IVD market is challenging for our clients,” said Marius Balger, CEO at BIT. “OEM’s must adhere to a growing number of evolving IVD […]
  • Toshiba expands line-up of ARM Cortex-M-based microcontrollers
    Toshiba announced that it has enhanced its current “TX Family” of ARM core-based microcontrollers and started to develop three series of microcontrollers, “TXZ0 series,” “TXZ3 series” and “TXZ4 series,” as part of the “TXZTM Family.” The TXZTM Family is a new collection of flash microcontrollers that support low-power consumption and high-speed operation for IoT and M2M […]
  • Parker Hannifin consolidates, layoffs ahead
    Parker Hannifin plans to consolidate a number of internal divisions, close 2 facilities and expand its Mexican operations, according to an internally distributed letter from Andy Ross, Parker’s engineered materials group president. The company has confirmed the letter was authentic, but has not disclosed how many employees will be affected by the new plans or […]
  • 3-phase current transducer from PEM delivers all-in-one convenience
    The new RCTrms 3-ph current transducer from Power Electronic Measurements (PEM) delivers a convenient, safe and accurate solution for measuring current in three phases. It features a thin, clip-around, flexible sensor coil and provides accurate true rms measurement with 4-20 mA or 0-5 V output, enabling simple installation with PLC’s, SCADA systems or automation equipment. […]
  • Safety alert: Recall on two IV solutions from Baxter
    Baxter International announced it is voluntarily recalling two lots of intravenous (IV) solutions to the hospital and user level due to the potential presence of particulate matter. The particulate matter in each case was determined to be an insect and was identified as a result of a customer complaint. The matter was identified prior to […]

Leave a Reply