Wednesday, July 19, 2017
Patient data is always going to be at risk as breaches continue to grab headlines. As we’ve seen with the recent WannaCry ransomware attacks in May, the real surge in health data crime has come in data thieves holding patient records for ransom.
There were about 4,000 ransomware attacks per day in 2016, up mightily from the 1,000 attacks per day reported in 2015. According to law enforcement stats, 88 percent of newly-reported ransomware attacks are targeting medical and dental offices.
Dental providers are exposed to the same risks as their medical counterparts; hackers want the patient information dentists collect. Patient data remains a hot commodity for data thieves.
According to Identity Theft Resource Center, the number of U.S. data breaches tracked in 2016 hit an all-time record high of 1,093. Supposedly, for an industry-wide metric, this new stat represents a substantial hike of 40 percent above the previous record high of 780 reported in 2015.
Since 2005, the center has been identifying data breaches in five industry sectors. In 2016, the business sector again topped the list in the number of data breach incidents, with 494 reported, representing 45.2 percent of the overall number of breaches, according to the organization’s statement from January. But, according to the report, the healthcare/medical sector saw the second-highest number of breaches (377 incidents), representing 34.5 percent of the overall total.
So as criminal elements have shifted their efforts from stealing data to spreading ransomware, attacks on dental practices are still very real.
For some perspective, since federal reporting requirements kicked in, the U.S. Department of Health and Human Services' database of major breach reports (those affecting 500 people or more) has, at the time of this writing, tracked 1,913 incidents that affect the personal information of tens of millions of people. A majority of those records are tied to theft, data loss, hacking and unauthorized access to accounts.
As patient data is sought after, the importance of secure storage solutions to protect data is paramount to keeping patient information “safe.” For example, moving to the cloud and storing patient information remotely in a secure and protected manner reduces the need to transfer and collect data on laptops, hard drives or other devices. While this reduces the threat of physical theft, the fear of breach continues to keep many dentists from moving their data to the cloud.
Practices moving to the cloud are likely to face similar threat levels as if their data and technology were stored onsite, but the benefits are far greater in terms of accessibility. Here’s why: While the data needed to power a practice is off-site when stored in the cloud, the data also is secure in the event of a catastrophe. Likewise, the information is easily exchangeable and retrievable, and records can be loaded or attached and sent to support claim verification and adjudication at the request of payers, for example.
The cloud is creating great opportunities for better information storage solutions for dental practices, and also supports calls for organizations to rely on more than one mechanism for data backup to improve their security efforts.
You can no longer rely on a single approach to security nor can you expect to always have complete control of your data. Though cloud storage won’t completely stop data breaches or information loss, the cloud does offer dental practice leaders an alternative approach to storing, securing and managing data.