A new report by KPMG reveals that 80% of executives at healthcare providers and payers say their information technology has been compromised by cyber-attacks.
“At the core of the increased risk to healthcare organisations is the richness and uniqueness of the information that the health plans, doctors, hospitals and other providers handle,” said KPMG.
The report stated that apart from financial fraud, there is also the possibility of medical insurance fraud or attacks on computer-controlled medical devices.
Despite the risks, the healthcare sector lags in terms of its preparedness for cyber threats.
KPMG said healthcare organisations are facing increased security threats due to:
- The adoption of digital patient records and the automation of clinical systems.
- The use of antiquated EMR and clinical applications that are not designed to securely operate in today’s networked environment, and software vendors who push that problem to the provider.
- The ease of distributing ePHI both internally (laptops, mobile devices, thumb drives) and externally (third parties, Cloud services).
- The heterogeneous nature of networked systems and applications (i.e. network-enabled respirator pumps on the same network as registration systems that can browse the Internet).
- The evolving threat landscape, where cyber-attacks today are more sophisticated and well-funded given the increased value of the compromised data on the black market.