What’s worth more? Your credit card numbers and bank account information or your medical record? Well it turns out that hackers can get more money for your medical records. People engaged in Medicare and Medicaid fraud are willing to pay a premium.
Hackers have also started to realize that hospitals are easier targets than banks. Hospitals are decades behind finance when it comes to standing up real security, and as e-commerce and finance targets become more secure hackers are looking for the next easy target.
Hospitals are easy targets because they don’t secure data, they secure networks. Sure, a patient’s medical record is secure when it is in the hospital, but what happens when a doctor emails a patient or a colleague? What happens when a tablet is lost or stolen? When data is mobile, when it can be easily shared with others it needs to be secured.[banner_cta title=’Download the Complete Guide to
HIPAA Compliance for Physicians’ button_text=’Learn More and Download’ button_url=’https://virtruprod.wpengine.com/hipaa-compliant-email-for-physicians/’ image_url=’//virtru.com/wp-content/themes/virtru/img/ebook-fade-2.png’]
Spending Money on the Wrong Solutions
Healthcare spending is projected to account for 19 percent of the GDP by 2023. That’s big money, and Healthcare IT continues to grow at a phenomenal 20% CAGR. The overall spend for Healthcare IT (approximately $100 billion in 2014) is still peanuts compared to what banks will spend on IT with financial services projected to spend half a trillion on IT by 2020. Security is a line item in the Healthcare IT budget, but it isn’t the biggest by far in budgets dominated by big ticket items like imaging systems for radiology and HIMS systems.
Regulations such as HIPAA have trained the industry to follow strict, network-centric approaches that focus on securing access to networks and computers. Most hospitals are encrypting patient data at rest and, inside the network, data is secure. Where data is at risk is when it is shared outside of the network. With a large majority of doctors using smartphones this is a growing problem. Patient data is finding its way outside secure hospital networks.
Securing Patient Data Solves the Problem
The industry could reduce its exposure to fraud if it secured data across the entire lifecycle and guaranteed that patients and institutions had control of the personal information generated by doctor and hospital visits. If doctor’s offices and hospitals used technologies like Virtru for Business, patients would have the ability to track and control who sees their information.
When doctors share data with other doctors, this data needs to be encrypted in transit and at rest in a format that lends itself to audit and control. If more doctors used secure email encryption hospitals wouldn’t have to worry about suffering through expensive “mega-hacks” exposing millions of health records at once all because someone thought that network security alone was sufficient.
It’s not enough these days to put a lock on some electronic cabinet and call it secure. Our most sensitive medical data needs to be protected with a format that allows for control of who can see the data and where it can be forwarded to. That technology is here in Virtru for Business and we’ve designed our systems to provide healthcare professionals with a real solution that secures the data both inside and outside the institution.