Earlier this month, the BBC reported that a major US healthcare conglomerate sustained a cyber-attack resulting in the “theft of 4.5 million people’s personal data.”
Analysts speculate that the attack on Community Health Systems originated in China. Stolen details included patient names, addresses, birthdates, telephone numbers and social security numbers.
Experts warned that the data could be used to steal people’s identity. And for the company, the breach could cost as much as $150 million. Among those projected costs: hefty fines for violations of HIPAA privacy laws. And HIPAA enforcers are in crackdown mode.
The BBC report cites Lamar Bailey, director of security research and development at cybersecurity firm Tripwire, who said “when personal information is stolen – name, address, phone number, birthdates, and social security number – it impacts the person and not a company.” He added: “This is the information needed for identity theft to allow criminals to open accounts in the names of the 4.5 million victims.”
Healthcare is an industry we care deeply about at BlackBerry. It’s one field where the results of technological advances, including those in mobility, can have a very tangible effect on people’s lives and wellbeing.
Sometimes it’s the simple scenarios: like when secure mobile access to critical tools means a physician has time to see one more patient each day.
Other times it’s more complex, like when BlackBerry-owned technology provides the OS that drives robotic surgical instruments, patient monitoring systems, infusion pumps, or blood analysis systems. These are tools that improve and even save lives — every day.
Vulnerable targets
So it’s particularly distressing when cybercriminals target victims who, in most cases, are already vulnerable. Imagine you’re caring for your sick child or parent, only to be notified by the hospital you’re relying on that your loved one’s personal data has been stolen. Horrendous. Your first question would likely be ‘How could this happen?’, or ‘What mechanisms did you have in place to prevent such a thing?’
Unfortunately, the reality is that many healthcare organizations are behind the times when it comes to security preparedness.
Identifying a cure
The FBI and other agencies have been sounding alarm bells for some time now. Back in April of this year, (right around the time the Community Health Systems attacks were beginning, ironically) they issued a private notice to healthcare providers, which made the point clear:
“The healthcare industry is not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely.”
Health data is “far more valuable to hackers on the black market than credit card numbers” because it often includes details that can be used to tap into bank accounts or “obtain prescriptions for controlled substances,” wrote Reuters’ Jim Finkle at the time.
And while the healthcare industry can be slow to make changes, cybercriminals are on the cutting edge, getting better at what they do every day, and getting bolder too.
BlackBerry security is designed to support those industries where protection is needed most, and is mandated by regulations and laws.
That’s why BES10 is the platform of choice for a growing number of the world’s security-minded healthcare organizations. Knowing the sensitive data that flows through and around these environments is safeguarded is what allows healthcare teams to operate at maximum efficiency.
And that translates into direct benefits for the people we care about, when it matters most.