Health Care Remains a Target for Fraudsters

  • Security

Healthcare
Despite the awareness and notoriety of health care data breaches, such as Anthem Blue Cross Blue Shield and Premera, breaches are consistently occurring. Most recently, UCLA Health and St. Francis Health were compromised in different ways. While a segment of the media is calling 2015 the year of the health care attacks, how does this year really compare to the past?

 

In May, UCLA Health discovered that part of their network had been compromised; therefore, providing fraudsters with the potential to access personally identifying information including name, birthday, social security and more. According to UCLA, investigation “personal information of about 4.5 million individuals, including UCLA Health patients and providers who sought privileges at any UCLA Health hospital, was maintained on the impacted parts of the UCLA Health network.”

At this point, it is unclear if the fraudster accessed the information or used it in any malicious way. However, UCLA is still providing a toll-free hotline and information regarding identity theft prevention.

 A recent attack on St. Francis Health is part of a more complex data breach, since it was from a contracted company, Medical Informatics Engineering (MIE). Reports are claiming that 3.9 million people were affected by breach exposing personally identifying information in addition to health records. Likewise, MIE is offering free credit monitoring and identity protection to victims for two years.

The following data breaches among others in 2015 show the dyer need to safeguard information. However, health care breaches are not new.  In the last six years there have been more than 1,200 healthcare breaches recorded by the U.S. Department of Health and Human Services. The sources of the breaches vary from a desktop computer to laptops, networks and more. Therefore, it is more important than ever to prepare employees to deal with the data breach threats that companies face. Additionally, companies can implement dynamic knowledge-based authentication and other EVS products to protect the data it stores.