Dive Brief:
- It has not been a good couple of years for the health IT industry, which has suffered more breaches than military and banking put together. This is likely because health records can be sold for about $50 each to be used for insurance fraud or to get medication which is later sold.
- Researchers at the Ponemon Institute reported that in 2012 and 2013, 90% of healthcare organizations had patient data either stolen or exposed. There have been more than 200 incidents this year with more than 2 million records lost (that number does not include the recent Community Health Systems breach).
- Two major challenges with the industry are the ease with which hackers can get to patients' records and the use of outdated technology that doesn't receive regular security updates.
Dive Insight:
The Department of Health and Human Services is quick to reassure patients that their health information is secure. But that is becoming a more difficult task as an increasing number of breaches are reported, putting millions of patients' records at risk.
According to Bloomberg News, in 2013, healthcare companies spent an average of $2.2 million on IT security. This was an increase of more than 20% from 2012. While that sounds like a solid investment, it is clearly not enough. Many experts feel that health IT security is a decade or more behind other industries.
Want to read more? You may want to read this story about the price of EHR cyber-security.