4 min readThe Risks for Healthcare Data
When it comes to cyber security and data breaches, no system is infallible. According to the recently released 2016 Ponemon Cost of Data Breach Study the average consolidated total cost of a breach is $4 million. It also found that the average cost incurred on each lost or stolen record containing sensitive and confidential information is $158. When multiplied by the thousands of lines or records, that can easily turn into an eight-figure sum.
The statistics are even more alarming when it comes to healthcare-specific data.
According to Ponemon Institute’s Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data, about 90% of healthcare organizations represented in the study experienced a data breach in the past two years—and 45% suffered more than five breaches in the same period.
The study also estimated that the healthcare industry is shelling out $6.2 billion a year to pay the various costs related to data breaches. On average, covered entities are paying $2.2 million as the result of breaches, while their business associates and third parties have to pay $1 million on average for their role in healthcare-related breaches.
Why is healthcare data so sought after by hackers? According to some reports, each individual healthcare record is worth $10 in the criminal market, or up to 20 times more than a stolen credit card number. Other estimates place the value between $20 and $70.
While that may not seem like it’s worth committing the crime, consider how much 5,000 healthcare records are worth, at $15 a record: $75,000. Target an easy-to-breach entity and that’s $75,000 with minimal effort.
Healthcare and the Cloud
With these kinds of risks, you may be asking yourself why so many want to move to the cloud at all.
The cloud allows many organizations to ensure near infinite scalability, utilize more flexible resources, cut infrastructure maintenance costs, and empower users—both providers and patients. And new types of cloud models have allowed the seamless transition of vast data points throughout the globe.
But while this helps healthcare organizations become more agile and enables them to easily share data between providers, protecting patient privacy and information becomes a major point of concern.
From personally identifiable information (PII) and protected health information (PHI), to claims processors, insurance companies, pharmacies, and more, the thought of shifting records to the cloud may have some healthcare companies apprehensive to make changes.
To be sure, the cloud carries the exact same concerns as any proprietary system might have: it must stay compliant with regulations; it requires strict data security as well as detailed audit procedures for healthcare information.
But as technology advances and data compilation grows, more healthcare organizations are considering moving their systems to a more scalable and sophisticated cloud model.
Storing information in the cloud enables access to information from anywhere, streamlines services, and cuts down on operating costs. And as patient engagement becomes param ount to staying relevant in the healthcare industry as a whole, bigger systems require migrating to the cloud. Migrating to the cloud enables big data and machine learning solutions that create the opportunity for healthcare companies to meet the demands of today’s patients and providers.
Of course, cloud security for the healthcare industry must be done within the parameters of health regulations.
Security Expertise
At SoftServe, we migrate your system to the cloud while preserving your data’s integrity, always keeping your security at the top of mind.
For one thing, to stay a step ahead of a hacker, you’ve got to get inside the mind of a hacker. The Certified Ethical Hackers who lead our security team have all the skills and instincts hackers have—without the bad intentions.
SoftServe’s elite security experts keep your digital assets safe. Comprised of a team of white-hat industry experts, SoftServe’s security team is equally adept at preventing, responding to, and minimizing the impact of attacks on application and system security.
Our core group of more than 10 security experts, including Certified Ethical Hackers and PhDs in security-related fields, make it their mission to know as much or more about exploiting security vulnerabilities as criminal hackers.
Our security offerings include:
- Penetration Testing: Expose the weaknesses in your systems and identify points of vulnerability—before someone else does.
- Secure Development: Protect critical apps from threats with tightly integrated security throughout the development lifecycle.
- Managed Security: Count on an experienced team of experts to monitor and manage security technologies in your environment around the clock.
- Security Monitoring: Ensure secu re operations and draw critical insights from Big Data through comprehensive monitoring of controls.
- Incident Response: Respond to attacks and regain control quickly with expert advice, guidance, analysis and reporting.
- Compliance & Certification: Improve security and validate compliance to operate confidently in tough regulatory environments.
To learn more about cloud security for healthcare organizations, check out our white paper, “Healthcare Security and Compliance in the Cloud.”