Why Healthcare Data Is Difficult to Protect—and What to Do About It

Share with your network!

Hospitals, clinics, health insurance providers and biotech firms have long been targets for cyber criminals. They handle data like protected health information (PHI), intellectual property (IP), clinical trial data and payment card data, giving attackers many options to cash in. And as healthcare institutions embrace the cloud, remote work and telehealth, the risks of attacks on this data only increase.

Besides outside attackers, insider risk is another concern in an industry where employees face high and sustained levels of stress. And then there’s the increasing risk of ransomware. In the 2022 Internet Crime Report from the FBI’s Internet Crime Complaint Center, healthcare was called out as the critical infrastructure industry hardest hit by ransomware attacks.

In this blog, we’ll take a look at some of the information protection challenges faced by the healthcare industry today. And we’ll look at some solutions.

Healthcare data breach costs 

Not only are data breaches in healthcare on the rise, but the costs for these breaches are high for this industry, too. IBM’s Cost of a Data Breach Report 2023 says that the average cost of a healthcare data breach in the past year was $11 million. These costs can include:

  • Ransoms paid
  • Systems remediation
  • Noncompliance fines
  • Litigation
  • Brand degradation 

There’s a high cost in terms of disruptions to patient care as well. System downtime or compromised data integrity due to cyber attacks can put patients at risk. For example, when Prospect Medical Holdings faced a recent cyber attack, its hospitals had to shut down their IT networks to prevent the attack’s spread. They also needed to revert to paper charts. The Rhysida ransomware gang claimed responsibility for that attack, where a wealth of data, including 500,000 Social Security numbers, patient files, and legal documents, was stolen. 

Information protection challenges in healthcare

Healthcare firms face many challenges in protecting sensitive data. They include:

Insider threats and electronic health record (EHR) snooping 

What are some insider threats that can lead to data breaches in healthcare? Here’s a short list of examples:

  • Employees might sneak a peek at the medical records of a famous patient and share the details with the media.
  • Careless workers could click on phishing emails and open the door to data theft. 
  • Malicious insiders can sell patient data on the dark web. 
  • Departing employees can take valuable research data with them to help along own careers. 

A growing attack surface due to cloud adoption

Most healthcare businesses are increasing their use of cloud services. This move is helping them to improve patient care by making information more accessible. But broad sharing of files in cloud-based collaboration platforms increases the risk of a healthcare data breach.

It is a significant risk, too. Proofpoint threat intelligence shows that in 2022, 62% of all businesses were compromised via cloud account takeover.  

Data at risk across multiple data loss channels

When EHRs are housed on-premises, patient records can still be accessed, shared and stored on remote endpoint and cloud-based collaboration and email systems. And as healthcare data travels across larger geographies, protecting it becomes much more of a challenge. 

How Proofpoint can help

Our information protection platform, Proofpoint Sigma, provides unmatched visibility and control over sensitive data across email, cloud, web and endpoints. This unified platform allows healthcare businesses to manage data risk, while saving time and reducing operational costs. We can help protect your data from accidental disclosure, malicious attacks and insider risk. 

As the healthcare industry continues to adopt remote work and telehealth, there is one particular Proofpoint solution that stands out for its ability to help safeguard data. That’s Proofpoint Insider Threat Management (ITM). It monitors user and data activity on endpoints. And it allows security teams to detect, investigate and respond to potential data loss and insider threats. These threats include:

  • Data exfiltration
  • Privilege abuse
  • Application misuse
  • Unauthorized access
  • Risky accidental actions
  • Anomalous behavior

Proofpoint ITM helps you detect, prevent and respond to threats like EHR snooping with user timeline-based visualizations and advanced analytics. And once an insider threat is identified, the solution provides workflows and irrefutable evidence of wrongdoing to help accelerate incident response.

The individual worker is now the security perimeter. Healthcare businesses can benefit from a converged endpoint data loss prevention and ITM solution like Proofpoint ITM.

Learn more

During Insider Threat Awareness Month, Proofpoint can help you learn best practices and practical tips for managing insider threats. Join our Insider Threat Awareness webinars to hear from guest speakers with Crane and Forrester Research, who will share their insights on this important topic.