Three data breaches that should alarm the healthcare industry


September 18, 2017

Sign up to free email newsletters


Want a Future-Proof Cyber Security Strategy? Look at Physical Security Now

Recent data breaches from the past several years seem to be following a trend.

More and more target health service providers, and it’s little wonder why. Few industries regularly hold as much sensitive data as the health industry.

Everyone including researchers, insurance providers and doctors keeps not only sensitive health information, but also billing data and unique identifiers, such as social security numbers.

While plenty of legislation aims to provide extra protections for patient data, the fact is that anywhere there are humans, there will be errors. What happens in the doctor’s office may not be as confidential as we all hope.

Here are three of the most recent data breaches in the health industry.

Anthem Blue Cross Blue Shield

This disaster was one of the biggest data breaches of 2016. The health insurance company is one of the top Medicare providers and partners, and in July, it announced a breach of Medicare members’ data.

Over 18,000 Medicare recipients received notification that their data was no longer secure. Retirees and the elderly have always been a favorite target for spammers and fraudsters.

This breach increases their risk significantly. According to Anthem, the attack came through one of their vendors, LaunchPoint Ventures.

Indiana Medicaid

Due to an oversight, Indiana’s Health Coverage Program left an active hyperlink open that gave direct access to Medicaid recipients’ information. This data breach revealed full names, addresses, Medicaid ID numbers, doctor information, patient numbers and more.

The state of Indiana had over one million people enrolled in their Medicaid programme this April, and the information was available starting in February of this year. The hyperlink was available to the public, so it’s difficult to say who had access to the information.

Fortunately, Indiana’s Health Coverage Program believes the breach has caused no damage to patients. They have offered all notified individuals a free year of credit protection, however, just to be safe.

Washington State University

This April, Washington State University discovered that a hard drive containing sensitive information concerning survey participants had been stolen. The hard drive was kept in a locked safe, but the safe itself was stolen from storage and has not been found.

Approximately one million individuals may be compromised by this breach. Most survey participants provided names and social security numbers, which are a valuable prize for identity fraudsters.

Some participants’ health data may also be jeopardized. Although there is no sign of the stolen hard drive or its protective safe, WSU has notified all parties put at risk by the breach.

Like Indiana’s Medicaid programme, WSU has offered a year of free credit monitoring for every notified individual. The university is also taking measures to upgrade and strengthen security procedures to ensure this kind of incident does not happen again.

Unfortunately, these three examples are only the tip of the iceberg. New reports and notifications keep hitting the news.

Even doctors aren’t safe from ransomware. Ultimately, there is little patients can do to protect themselves, and the burden of responsibility falls heavily on the healthcare industry itself.

Free Download: Cybersecurity and physical security systems: how to implement best practices

Discover the five-step process for strengthening your cyber and physical security systems with this free resource from Vanderbilt. Learn how to choose the right equipment to stay diligent and protect your systems against cyberattack, and learn what cyberattacks mean in an interconnected world.

Related Topics

Leave a Reply

Notify of

Sign up to free email newsletters