There’s Money in Hijacking Medical Records
Cyber criminals are smart. They see the large return on investment in their hunt to steal your computer-stored patient records and are more organized in their efforts than ever before. If your practice is not intentional and organized in properly securing and protecting your patient’s medical records, the bad guys are going to eventually find a way into your network and make you pay.
In a recent interview, one heartless hacker claims to have stolen 10 million patient records. An independent security firm investigated and confirmed the data breaches. They reported that the hacker targeted the healthcare provider’s remote administration channels and may have even siphoned off data from MRI and X-ray machines.
What does the cyber thief plan to do with the stolen records? Extort those healthcare providers from which the records were stolen. This ruthless criminal wants big money in exchange for the stolen records and stated in the interview that breached providers will “pay up or face your patients’ wrath.”
Keep in mind that healthcare providers are the first deep-pocket victims. The patient is the second.
Two Dirty Deeds
If the medical facility, hospital, laboratory, or physician won’t pay the ransom in exchange for the records, the hacker can and will do one of two things…or both!
Dirty Deed #1: Hackers will contact the second victims: the individual patients. When he or she does, they will describe – in detail – the information they have and what they will do with it if the patient’s doctor, hospital, or medical laboratory doesn’t pay up. This criminal has the medical data and also, more than likely, ID information, bank account numbers, insurance information, family member’s names, and social security numbers. They can make up, or implement, any number of threats. These are the last things an injured or convalescing patient needs to hear.
A patient’s reactions? First, a feeling of being violated. Second, fear of identity theft and loss of monitory resources. Lastly, an inclination to call the first victim – the healthcare provider – with threats of litigation.
Dirty Deed #2: Cyber criminals will sell the data on the black market. That’s right. They may sell the records to other criminals interested in online bank robbery, home invasion and theft, drug trafficking, and exploit all uses of the victim’s credit cards. If the criminal chooses this path, he or she will move fast, before bank accounts are closed or credit cards cancelled. In fact, a ruthless criminal might implement Dirty Deed #2 before proceeding with Dirty Deed #1.
How Healthcare Providers Can Secure Patient Records
If you want to verify the security of your medical records, contact us at Garner IT Consulting. We can provide consultation, as well as an assessment, to show where your current system of protection is failing. Finally, we’ll explain clearly how your data can and will be protected.
Future Blogs About Data Security
We invite you to check our blog regularly because we’ll be providing clear, concise posts about many components of computer security. We’ll make things clear, simple, safe, and secure.
Give Garner IT Consulting a call at 850.250.3210 or drop by and visit us at our offices located at 1330 Harrison Avenue, Panama City, Bay County, Florida.
Best wishes, Randall and Julie Garner and the entire Garner IT team of professionals.