Whether or not it’s a ransomware assault, knowledge breach, or one other unnamed technique that exposes and exploits non-public, delicate, or proprietary knowledge, 2021 is shaping as much as be the “12 months of the breach,” with healthcare orgs among the many prime targets. Final week, Humana grew to become the most recent healthcare org to fall sufferer to cyberattack when hackers leaked medical knowledge of over 6,000 patients, acquired through a third-party app for Medicaid Benefit members and brokers.
Within the first half of 2021, 360 breaches exposed almost 23 million patient records — which is greater than another six-month interval because the US Division of Well being and Human Companies’ Workplace for Civil Rights (OCR) started maintaining monitor. This shouldn’t come as a shock, as a result of healthcare organizations:
- Handle and retailer a lot of beneficial knowledge. Huge quantities of information is shared between an rising variety of bodily and digital entities each inside and out of doors the entities’ IT community.
- Preserve giant, expanded third-party networks that may be exploited (physicians, researchers, enterprise associates, insurers, payers, and many others.).
- Rely closely on expertise for digital care, linked medical units, diagnostics, and affected person engagement.
- Battle to safe delicate knowledge because it flows between their hospital scientific engineering/IT networks, clinician distant entry factors, digital care platforms, third-party healthcare companions, and even affected person house networks.
The appreciable quantity of blind knowledge sprawled throughout the healthcare ecosystem, sitting on flat, weak networks with poor entry controls, has made healthcare the low-hanging fruit for hackers who’d slightly work smarter, not tougher.
Whereas there’s no single treatment, adopting Forrester’s Zero Belief technique can assist most healthcare supply organizations. In our not too long ago revealed report, The Zero Trust Security Architecture For Healthcare, my colleague Alla Valente and I focus on how new dangers of the post-COVID supply mannequin put Zero Belief entrance and middle in healthcare supply organizations. Among the many suggestions are the necessity for an overarching safety technique, visibility into the chance related to third-party data-sharing relationships, and accelerating innovation with out jeopardizing security, privateness, and safety.
If you’re answerable for safety at a healthcare supplier and wish to be taught extra about this, please schedule an inquiry call with myself or Alla as we speak.