In August 2014, the Heartbleed Bug — a major vulnerability within the OpenSSL encryption toolkit — led to the theft of 4.5 million patient records at a major healthcare company. To the healthcare industry, this was a startling wake-up call. With OpenSSL driving the encryption of records across many medical organizations, it was suddenly painfully obvious just how vulnerable the industry is to cyber security breaches.
While Heartbleed’s impact on the healthcare field was significant, many companies are still in the dark about the ongoing risks they face and the ramifications involved with medical data theft.
For cybercriminals, medical records are high-value targets, typically fetching 10 to 20 times the per-record price of credit card numbers on the black market. And most medical records are “protected” by outdated systems and processes. In April, the FBI issued warnings to the healthcare industry that its standards for security are extremely weak compared to those in other sectors, such as finance, making it a prime target for hackers.
To make matters worse, the cost of breaches in the healthcare industry are estimated to cost approximately 71% more than the average across all sectors. In addition to the costs of remediation and reputation damage, healthcare companies face steep fines — up to $1.5 million per year — from the Department of Health and Human Services.
Enhancing security in the healthcare industry is a critical need. In addition to updated technologies and more active detection strategies, companies need more robust breach response plans to limit damages and achieve quick resolution.
Lunarline supports these enhancements with custom-built solutions designed specifically for healthcare organizations. With a comprehensive knowledge of the rapidly evolving regulations governing healthcare data and years of experience building top-tier security programs, the experts at Lunarline are prepared to bring your company up to speed.