2015 was a bad year for healthcare data breaches. Unfortunately, it’s only going to get worse. Why? According to an article on ModernHealthcare.com, Lynne Dunbrack, research vice president for IDC Health, says it’s “because cybercriminals are looking for new targets. Healthcare organizations have historically invested less in IT, so they have invested less in security. They are a soft target.”
Steve Weisman, a lawyer and professor at Bentley University and one of the country’s leading experts in scams and identity theft, believes healthcare “will remain the largest segment of the economy to be victimized by data breaches both because, as an industry, it does not provide sufficient data security and because the sale of medical insurance information on the black market is more lucrative than selling stolen credit and debit card information,” according to USAToday.com.
Cyber criminals and fraudsters alike know that financial services and retail organizations have strengthened their IT and security systems after being plagued by multiple cyberattacks for years. We know that these criminals shift their tactics and move to the easiest route of penetrating an organization’s security system. Unfortunately, for patients, “one out of three individuals will have their healthcare records exposed by cyberattacks in 2016,” said Dunbrack.
Medical information is worth ten times more than a credit card number or a Social Security number (SSN) on the Dark Web. Why so high? The information contained in the medical record contains personal information like their name, address, SSN, date of birth and insurance information. Fraudsters can then use that information to open and access bank accounts, obtain fraudulent loans and credit cards, file false tax returns and even file false claims with medical insurance providers – some even buy medical equipment and prescription drugs that can be resold.
Another reason why a medical record is so valuable to fraudsters is because of how long it takes to realize a patient is a victim. While a stolen credit card number can be quickly cancelled by a financial institution, it could take years for someone to realize their medical information has been compromised.
While the healthcare industry will continue to be a victim of cyberattacks, the good news is your organization can take steps to prevent fraud and identity theft from occurring. With a robust and layered identity verification and fraud prevention platform, your healthcare organization will not only maintain compliance, but ensure that the patient, provider or employee attempting to gain access is truly legitimate and not a fraudster who bought a compromised medical record on the Dark Web. Find out more about how IDology can help here or contact a representative at (866) 520-1234.