Cyber Hygiene in Health Care Data Breaches

Cyber Hygiene in Health Care Data Breaches

Jomin George (Namibia University of Science and Technology, Windhoek, Namibia) and Aroma Emmanuel (Namibia University of Science and Technology, Windhoek, Namibia)
DOI: 10.4018/IJPHIM.2018010103

Abstract

This article describes how data breaches have become the norm, as highlighted by the significant number of breaches experienced by healthcare providers. These breaches have led to the scrutiny of cybersecurity technologies, protocols and strategies applied in the health care sector. As such, this article will explore the cyber security available in health care that is used and can be used to deter data breaches. Health care sectors are currently looking on different technologies and strategies to prevent and secure the patient information from data hackers. But some of these techniques have been effective, and some have not.
Article Preview

Introduction

Cyber hygiene plays a serious role in various health care systems; it provides the foundations for protecting the patient confidential information from any cyber threat. Its importance is recognized by various institutions in health care sector and has developed various cyber security strategies to make the best out of the technology, its main aim is to improve the way health care institutions can protect themselves from cyber threats. Previous studies have noted that the world today is affected by the immense flow of technology. The digital information flow creates a complex economic and societal interrelation. The explosive use of the computer in data management has reinvented how data is stored and processed in almost all sectors, healthcare is one of the institutions greatly affected by the new development. With every step towards the realization of wholly interconnected virtual systems, additional risks also come into play.

Technology has enabled the health sector to generate and store patient data in computer systems, the aim is to improve efficiency and safety during care since practitioners can exchange information more rapidly and accurately as compared to the older approaches. However, recent developments show increased rate of attack on systems believed to be secure, hackers are giving more attention to EHR, mostly for the purposes of extortion. Although different approaches to protecting patient information have been developed over the years, attackers evolve at the same pace, they continue to device new orthodox styles of violating cybersecurity. This paper is an investigation into modern cyberspace, including what makes it so challenging authorities to completely lock out cybercriminals from accessing private data.

Despite its assumed unimportance to cybercriminals over the years, the healthcare sector has now become a prime target for cybercriminals. Data breaches have become the norm, as highlighted by the significant number of breaches experienced by healthcare providers like Banner Health, Newkirk Products, Inc. and the Los Angeles Health and Mental Department among others in 2016. In total 16,471,765 healthcare records were exposed in 2016, a large number despite falling short of the 113,267,174 records exposed in 2015 (HIPAA, 2017). Nevertheless, 2016 data breaches were some of the worst in health plan member's records, and in-patient records revealed. These breaches have led to the scrutiny of cybersecurity technologies, protocols and strategies applied in the healthcare sector (Thomson, 2012). As such, this paper will also explore the cyberhyeine techniques available in health care that can be used to deter data breaches.

Health care entities are currently utilizing different technologies and strategies to try stopping the menace of cyber insecurity (Michael & Jason, 2017). Some have been effective, and some have not. Normal practices like password protection, encryption and firewalls have been deemed ineffective in the past few years because the healthcare industry is now plagued with the problem of insider breaches especially because of the vulnerability of cloud services that 91% of health providers are using but 47% are not protected (Martin, 2015). Despite regulatory bodies like the FDA recognizing the enormity and seriousness of the issue and offering recommendations on how to control cyber risks, the attacks continue to increase. Consequently, it has become necessary for the healthcare industry to devise new methods of cybersecurity.

Abbreviations

  • EHR – Electronic Health Record

  • HIPAA- Health Insurance Portability and Accountability Act

  • COBIT -Control Objectives for Information and Related Technology

  • DDoS - Distributed denial of service

  • HTTPS - Hyper Text Transfer Protocol Secure

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 7: 2 Issues (2019): Forthcoming, Available for Pre-Order
Volume 6: 2 Issues (2018): 1 Released, 1 Forthcoming
Volume 5: 2 Issues (2017)
Volume 4: 2 Issues (2016)
Volume 3: 2 Issues (2015)
Volume 2: 2 Issues (2014)
Volume 1: 2 Issues (2013)
View Complete Journal Contents Listing