Health care is supposed to get us out of harm’s way, not endanger us. The harsh truth is that data breaches in space are at historic levels, compromising tens of millions of health records and potentially putting patients at serious financial risk.
“In the last 12 months, from July 2021 to June 2022, 692 major health data breaches were reported and the records of 42,431,699 people were wrongfully exposed or disclosed,” a HIPAA Journal study found. . “The past two months have seen reported data breaches well above the 12-month average of 57.67 breaches per month.”
Discuss the impacts of data breaches and healthcare fraud with PYMNTS, Experian Health Vice President, Adjacent Markets and Consumer Engagement wild chris says cyber crooks have plans for these stolen records, and that’s as bad as we think.
“There are a lot of reasons you might want someone’s records,” he said. “A lot of it has to do with some aspect of social engineering, but there’s a lot you can do with medical fraud.”
Considering that in 2022 there are approximately 32 million HSAs containing over $100 billion in the United States, that’s a rich target for bad actors, a nightmare for victims, and a costly blow for providers. The average financial impact of fines and related costs for healthcare companies that are breached can be as high as $10 million.
“It’s the financial costs, but I would say overall the biggest cost is the reputational impact,” he said. “Think about health care today. It’s consumed more than ever before.
This means healthcare is more accessible than ever and the patient now thinks more like a paying customer. For healthcare providers who don’t view data security as mission critical, not only will they pay the fines, but they’re more likely to lose the relationship as well.
See also: Healthcare payments are getting a patient-centric overhaul in 2022
Technology versus technology
Faced with the scale and sophistication of data breaches, the healthcare industry as a whole knows it needs to secure its data, but doesn’t always know where to start. Looking at it from the perspective of the patient experience is one way to understand the whole issue.
“Before, the gold standard asked a lot of questions that [the patient] knows,” Wild said. “Which street did you live on five years ago and which of these people did you live with? We find it’s starting to get a bit outdated now, and there’s a lot more to identifying who someone is.
Noting that healthcare has a unique balance to strike between security and access, he said companies like Experian Health are becoming more aggressive on the identity front.
Using device identifiers is one way. “When you have your cell phone or your tablet or your laptop, or your computer, or even your voice assistant devices, they all have a device ID. We keep track of those and see which ones are bad , which ones are nice,” he said.
“We can start to ramp up when we see a naughty device acting mean. But also think about things like document verification, validation that a driver’s license presented to a registrar is actually a real driver’s license, or things of that nature.
This is another use case where technology and digital data make health records more secure without encroaching on consumer healthcare journeys that are loaded enough. Biometrics is quickly becoming an essential element of authentication.
See also: Broward Health in Florida hit by data breach of 1.3 million patient records
Data security is everyone’s business
Wild said: “One of the challenges we’ve had historically is just identifying that something happened. It takes almost two-thirds of a year to find out that something has happened. Think about everything that could have happened with that data during that time. »
Like everything else, the pandemic has accelerated online access through patient portals and text-based communications with healthcare providers. Reciting all the hurdles health care passed in the early years of COVID as telehealth took over from the doctor visit, [Wild said] the industry is in a different situation today, although it is still far from done when it comes to securing patient data.
“Looking at all these kinds of [COVID] factors, it really accelerated the adoption [of digital health access solutions],” he said. “Now it’s becoming more and more common that the conversations we have are less about operational savings and more about security savings, because we’re just seeing those volumes go up in a kind of parabolic hockey stick . [way].”
However, increased access for the patient means more exit points for the cybercriminal, which is why Wild said organizations are partnering with data experts to lock it down.
“For a healthcare data breach or any sort of patient-member data misuse, you want to make sure you’re keeping things safe, things are secure, and everyone involved knows what to do,” said he declared. “In today’s world, it’s not just about computers.”