The health care industry has a long, visible and unfortunate history of losing its patients’ sensitive records to theft, negligence or some combination of the two. As hospitals turn to data centers to store clients’ information, it is important that data centers use the best, most cutting-edge technology available to ensure accounts are not compromised.
Medical information more valuable than credit cards
Now, with accounts that contain valuable information like social security numbers, bank accounts, insurance numbers and passwords, medical records fetch more money – up to ten times more – than financial accounts on the black market, according to Reuters. In August, the FBI issued a warning to health care providers to increase their security measures against data theft. Security experts believe thieves are turning to the health care industry, as the infrastructure protecting sensitive information is often lacking or outdated – making it an easy target.
“As attackers discover new methods to make money, the health care industry is becoming a much riper target because of the ability to sell large batches of personal data for profit,” Dave Kennedy, CEO of TrustedSEC LLC, told Reuters. “Hospitals have low security, so it’s relatively easy for these hackers to get a large amount of personal data for medical fraud.”
Those committing the fraud use the fake IDs to obtain prescriptions, equipment and other valuable items to be sold and traded on the black market. Health accounts can sell for $50 on the black market, compared to the paltry $1 for credit cards.
Part of the lure of health records is the slow, bureaucratic response from most hospitals. When credit cards go missing, the provider will often cancel the account and negate any payments in a timely manner. But health care account thefts often take longer to reveal themselves because they aren’t constantly in use the way credit cards are. Then, once they are recognized, the hospital must react immediately or the predicament will only grow, Reuters explained.
Majority of hospitals lose patient information
According to CNN Money, a recent study by Ponemon Institute revealed 90 percent of healthcare providers either lost patient records or had them stolen from 2012 to 2013. As of August 2014, the health care industry has suffered 204 data breaches resulting in 6.6 million names, social security numbers and accounts lost.
“They can’t keep up [with hackers],” J.D. Sherry, who advises hospitals on cybersecurity, told CNN Money. “Their resources are tremendously overwhelmed. With day-to-day business, IT security is not top of mind.”
On top of that, the information is not encrypted. So once it falls into the wrong hands, thieves have little trouble accessing the data itself. Fortunately, there are measures hospitals can – and should – take to guard against hackers and thieves. Though hospitals often have underfunded IT departments and outdated security measures, they have the option to essentially outsource their data protection to centers that are equipped to defend against data breaches.
A biometric solution
For hospitals, the best solution is likely to house their data in centers outfitted with biometric security. This technology uses an individual’s physical characteristics to provide access. While passwords and keys can get lost or misplaced, physical IDs like fingerprints are always accessible and completely unique. Biometric security also reduces the risk of an accidental breach, as only high-ranking individuals with complete clearance would have the ability to get into the server cabinet.
With such sensitive information at risk, data centers that use biometric access control are the best bet for healthcare providers.
To find out more about how to create uniform access control from the front door to the server cabinet, download our whitepaper here.