Another month, another health hack. In what is now uncomfortably common in the sector, it was the victim of a data breach in May. The information of almost six million people – including social security numbers, names, and addresses – was stolen and published. PharMerica disclosed The hack is the largest this year in healthcare. Even worse, the hackers stole the information of deceased patients, and now to ensure that fraudulent credit lines have not opened in the aftermath. family executors are advised Concerningly, this breach most hurts those the sector is sworn to serve – patients. It’s past time for operators and providers to tighten healthcare endpoints, secure networks, and protect their private information. Let’s explore how. The Cybersecurity State Of Play This is the latest in a long line of healthcare attacks. , healthcare organizations worldwide averaged more than 1,400 cyberattacks per week, about 75% higher compared with 2021. And the hacks are evermore costly. The average health breach costs about – more than double the average for industries like pharma, technology, and energy. Last year $10M per incident Interestingly, hackers aren’t just going for small players with fewer cybersecurity resources. PharMerica is one of the largest providers of pharmacy services in the United States, operating more than 2,500 facilities and 3,100 pharmacy and healthcare programs. And yet, they too cannot keep bad actors away. What Health Must Do Now on its website stating that it is taking extra steps to reduce the chances of a similar event happening again. However, the company did not mention what those steps are. Here are some suggestions. PharMerica posted a statement First, prioritize hardware and device security. A single exposed endpoint – like a connected medical device or health kiosk – can lead to network infiltration. Alarmingly, roughly half of the incidents reported at originate from these sources. The sector should therefore consider for comprehensive oversight of devices, users, networks, and settings. Moreover, encrypt all device communications and implement an intrusion monitoring and detection strategy. The Department of Health’s breach portal unified endpoint management Second, adopt zero trust. This emerging security model enforces the principle of least privilege, granting only the minimum credentials required for specific tasks. This way, healthcare institutions can decide who views and edits patient data, as well as better track such actions. Additionally, backed by continuous multifactor authentication, entry is stricter. Third and finally, don’t forget the human element. Hackers often try to exploit those working on the healthcare frontlines via phishing or social engineering attacks. Therefore, bring staff along in your cybersecurity efforts. Continuously train the team in foundational cybersecurity and warning signs. And, especially in organizations with bring-your-own-device policies, teach them best practices to stay safe. Patients Deserve Peace Of Mind The good news is that healthcare organizations – by acting proactively instead of reactively – can prevent themselves from becoming another statistic. This is possible by incorporating lessons learned, responding to the growing threat landscape, and implementing robust frameworks. Of course, there is an added degree of difficulty considering the sensitivity of health data. Not only must providers keep patient information secure, but they must keep it confidential. Here, too, tighter endpoint oversight helps ensure regulatory compliance and lower the chance of a breach, thereby improving service delivery to patients. In the end, that’s who matters most in this conversation. Patients, living and dead, have a right to secure medical records. Similarly, doctors deserve to practice in the electronic age without threat. Strong cybersecurity infrastructure protects both sides for a healthier tomorrow.

The is an opinion piece based on the author’s POV and does not necessarily reflect the views of HackerNoon.

Students Are The First Line Of Digital Defense, It’s Time To Treat Them Like It

Read My Stories

Too Long; Didn't Read

Boost your HackerNoon story @ $159.99! 🚀

Health Hackers Are Exploiting Deceased Patient Data, Here’s How We Stop Them

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

Students Are The First Line Of Digital Defense, It’s Time To Treat Them Like It

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

Students Are The First Line Of Digital Defense, It’s Time To Treat Them Like It

Windows Sticky Keys Exploit: The War Veteran That Never Dies

06/02/2018: Biggest Stories in the Cryptosphere

0-Days are on the Rise and that Means a Lot More Work for SOC Teams

Time Bombs Inside Software: 0-Day Log4Shell is Just the Tip of The Iceberg

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps