With your health records online, hackers are now more interested in your health history than your credit card information. Cybercriminals are devising new methods to exploit the vulnerabilities of EMR software.
One of the healthcare security experts of the industry says, “As attackers discover new methods to make money, the healthcare industry is becoming a much riper target because of the ability to sell large batches of personal data for profit. Hospitals have low security, so it’s relatively easy for these hackers to get a large amount of personal data for medical fraud.”
Latest reports suggest that the breach of data stored in EMR software programs are on the rise. Even though it is mandatory for healthcare providers to setup EMR systems, these systems often fail and the hackers are aware of this vulnerability and takes advantage of this situation. The number of cyber attacks on EMR software increased to 40 percent this year. It was only 20 percent in 2009. According to Reuters, the health information is sold for a 10 to 20 times higher price than credit card data. Criminals get a lot of information about a patient from the electronic medical record software.
According to the vice president of data security firm, Penango, Kelly Yee, “Electronic records allow thieves the ability to extract thousands of patients’ records in one attack. Medical providers are federally required to keep patient’s information safe through HIPAA. Any violation of HIPAA alone could cost the medical provider millions. Any known breach of patients’ information would negatively affect the provider’s reputation, from both a patient and partner level.”
He further adds, “This means that millions of dollars and perhaps the medical provider’s existence could be at stake. In other words when taking into consideration factors like the storage of electronic records, HIPAA compliance and a medical provider’s reputation; when it comes to medical health data there is a high reward for moderate risk for hackers.”
One of the health security firms in Salt Lake City says that each week they block thousands of attacks on EMR software data. So, how can these attempts for data breach be avoided and the patient data protected? According to security firms, healthcare organizations will have to setup strong malware software that is capable of avoiding these threats. Experts say that the existing EMR technology has a long way to go when it comes to protecting patient data.