With healthcare records in the dark web being sold for $150 a record and stolen credit card numbers only going for a few dollars, it shouldn't be very surprising to find out that healthcare is being hit with cyberattacks more often than any other industry.
Over the past few months, security reports from Health IT and cybersecurity groups have shown that cyberattacks against healthcare are rising drastically. A new report from Tenable showed that although 2019 was a record-setting year for healthcare data breaches, it was topped in 2020 with 237 incidents. Now in 2021 with data from the first two months, we're on pace for another record setting year with 56 breaches already. Other reports indicate that in 2020 the healthcare sector accounted for 79% of all reported data breaches (See Here).
CPO Magazine reports that "Ransomware attacks accounted for 54.95% of 2020’s healthcare data breaches," and that "third-party vendor compromise accounted for about 25% of the healthcare data breaches, and about 12 million of the exposed patient records."
As we discussed during our presentation in January, there is a new Stark Law exception that allows for donations of cybersecurity technology and related services. There is also a brand new Anti-Kickback Safe Harbor available. With the increasing need for interoperability and access to records among a variety of providers and vendors, it becomes even more important for providers to understand how best to secure healthcare data and to understand what resources and opportunities are available to make it happen.
2019 was a record-setting year for healthcare data breaches, but it was topped by 237 incidents in 2020. 2021 is on pace to take the new record with 56 breaches through the first two months.