Why Hackers Love Healthcare Data Blog | Why Hackers Love Healthcare Data
Cyber 12/23/20

Why Hackers Love Healthcare Data

Have you ever wondered how cyber criminals choose their targets?

Vulnerable entities include government websites, medical systems, financial institutions, corporations, small businesses, and individuals.

To figure out the most likely victims, we need to think like hackers.

Cyber criminals ask two main questions when deciding where to strike next:

  1. How easy will it be? Criminals run programs to determine the vulnerability level of websites and software, looking for ways to infiltrate and steal information. Better security measures reduce the hacker’s interest.
  2. How much is there to gain? Will the company be motivated to pay a high ransom for stolen information? Do they have the resources to do so?

Given these factors, which industry is most attractive to hackers?

The answer may surprise you.

Why Healthcare Data is Vulnerable

Healthcare companies store computerized data on either hard drives or “the cloud.”

Hard drives are internal storage methods on physical units like cell phones, laptops, and desktop computers. To access a hard drive, hackers must either manipulate users into downloading malware onto their device (for example, opening an email to an attacker’s site) or access the device physically (for example, stealing a device or breaking into a building to access a device). This depends on user error, forcing hackers to hope someone opens a phishing email or leaves their door unlocked.

Cloud technologies are external storage methods online that can be accessed by multiple people and companies. To breach “the cloud,” hackers may look for weak passwords or out-of-date cybersecurity protection. Cloud technologies are likely to meet both criteria for an ideal target: higher vulnerability and more valuable information.

Most healthcare facilities use some form of cloud technology to store and access information. As you may have guessed, the emergence of COVID-19 has forced many people to work remotely. Healthcare workers replace staff meetings with emails and phone calls. Physicians consult with patients via teleconference. All of these activities increase a company’s cloud activity, making it more valuable—and more vulnerable—to cyber criminals.

Why Healthcare Data Is Valuable

According to one report, a single Private Health Information (PHI) record is worth up to $250 to a hacker. Compare this to the next highest-value target, credit card numbers, which bring in about $5.40 each.

Why the discrepancy?

Consider the consequences of a stolen credit card number. Upon realizing the breach, the victim will immediately cancel the card. They may file a claim for compensation with their financial institution, and the institution itself will work rapidly to repair the damage. Within hours, the information may become useless to the hacker.

But cyber criminals prefer healthcare records for three reasons:

  1. PHI records contain a patient’s complete profile: Social security number, date of birth, payment methods, insurance data, sensitive medical conditions, and doctor/patient communication. Once released, the information can’t be made private again. The hacker might profit for years.
  2. Medical system software is often connected with other parties. This could involve pharmacies, insurance companies, hospital networks, affiliated offices, and stakeholders—all accessed with a single data breach.
  3. The Health Insurance Portability and Accountability Act (HIPAA), is a federal law to ensure PHI and other personal information is accessed only by approved entities. A HIPAA violation may result in jail time and a fine of up to $1.5 million. The ethical and legal ramifications of a HIPAA breach are severe.

Why would hackers even want this information?

How Hackers Use PHI

Cyber criminals can use PHI in two ways:

  1. After a breach, the information may be held for ransom. The affected company is required to pay a large sum of money, after which the hackers promise to destroy their copies of the records. Paying a ransom can avert expensive public relations disasters.
  2. PHI may be sold on the black market, especially if a ransom is demanded but not paid. Buyers can illegally get prescriptions and sell pills, receive expensive treatment, or fraudulent medical claims for insurance payouts. They can buy email addresses to spam with malware. They can access bank accounts and credit card numbers.

Clearly, the consequences of a healthcare data breach can be disastrous. That’s why more businesses than ever are taking steps to avoid and mitigate damage.

Protect Your Company

Between January and July 2020, the top 10 healthcare data breaches resulted in the following:

  • Nearly 4 million complete or partial records compromised
  • Dozens of facilities affected
  • Tens of millions of dollars in legal fees, settlements, and ransom payments

These numbers are frightening, but healthcare companies have two ways to make vulnerable data safer:

  1. Enhance security measures. Keep software up-to-date, train personnel to use strong passwords and personal security, and encrypt data.
  2. Invest in cyber liability insurance.

With hackers constantly revising their methods, it’s impossible to be 100% protected. The good news is that companies can mitigate the effects of an attack with a simple cyber insurance policy.

How to Get Cyber Security Insurance

What should healthcare companies look for in a cyber security insurance company?

  • Experience. NOW Insurance has over 20 years of experience providing insurance in the healthcare sector.
  • Customized plan options. NOW Insurance won’t trick you into buying something you don’t need. Our unique approach provides just the insurance you need, with quick quotes and online service, and without the extra costs that don’t apply to your business.
  • Specialized plans for healthcare practitioners. NOW insurance only works with select industries to ensure the highest quality care.
  • Security. NOW Insurance is backed by the world’s leading insurance market, Lloyd’s of London.

The process is simple:

First, determine how vulnerable you are to data breaches with our easy cyber risk assessment tool.

Second, get a no-obligation quote for personalized recommendations. You might be surprised at how affordable it is.

That’s it!

You can’t afford not to protect your healthcare profession. Your reputation, bank account, and patients’ well-being depend on it. Learn more now!

Blog

Tips for protecting yourself and your business.

Nurse

Celebrate National Student Nurse Day on May 8

Healthcare

National Nurses Week: Celebrate May 6-12

Healthcare

Why Nursing Students Need their Own Professional Liability Policy

Healthcare

How to Find Affordable Professional Liability Insurance for Home Health Providers

Healthcare

5 Benefits to a Career as a Pharmacy Technician

Healthcare

How Digital Pharmacies Will Change the Industry

Healthcare

How to Become A Pharmacy Technician

Healthcare

Supporting Providers in the Age of Telehealth

Healthcare

12 Keys to Finding the Best Physical Therapist Insurance

Healthcare

When Are Lab Technicians Liable? Five Reasons to Carry Professional Liability Insurance

Healthcare

What Is and Isn’t Covered by Malpractice Insurance?

Healthcare

Why COVID Testing Labs Should Carry General Liability Insurance

Healthcare

Do Occupational Therapists Need Malpractice Insurance?

Healthcare

Can Lab Technicians Be Sued for Malpractice?

Cyber

5 Reasons Cyber Security Insurance Is Becoming More Important Than Ever

Cyber

What Sort of Insurance Will Cover Physical Therapists?

Cyber

Helping Hesitant Patients Embrace Telehealth

Cyber

Why COVID Testing Labs Should Have Cyber Security Insurance in Case of a Data Breach

Healthcare

GI Nurses and Associates Week: Highlight A GI Nurse Hero March 21-27

Healthcare

What Malpractice Risks Do GI Nurses Face?

Healthcare

What Kind of Nurse Should You Be? Check Out the Growing Field of Gastroenterology

Healthcare

6 Risks Lab Technicians Face Without Professional Liability Insurance

Healthcare

Do Contact Tracers Need to Protect Themselves with Professional Liability Insurance?

Cyber

Telehealth Rules Relaxed During Pandemic

Cyber

Telehealth is More Than Just Video Appointments

Healthcare

Pharmacists: Which Specialty Is Right for You?

Healthcare

Sued for Malpractice: A Guide for Nurses and NPs

Healthcare

A Guide to Medical Director Insurance and the Costs

Healthcare

2021 Trends to Look for in Occupational Therapy

Healthcare

Become a COVID-19 Contact Tracer

Healthcare

How Much Does Physician Assistant Malpractice Insurance Cost?

Healthcare

Lab Technicians: Is a Travel Job Right for You?

Cyber

Why Your Agency Needs Home Healthcare Insurance

Healthcare

Covering Covid-19: Is Your Medical Laboratory at Risk?

Healthcare

A Complete Guide to Insurance for Physical Therapists

Healthcare

The Costs of Medical Staffing Agency Insurance

Healthcare

Why Start a Non-medical Home Healthcare Business

Healthcare

IV Nurse Day: Celebrate Jan 25

Healthcare

How to Become an IV Nurse

Healthcare

Charting by Exception: Errors by Omission or The Efficient New Norm?

Healthcare

Are You a Culturally Competent Nurse?

Healthcare

Risks of Abbreviations in Nurse Charting

Healthcare

A Guide to Starting a Home Healthcare Business

Healthcare

Nurses and The Good Samaritan Law

Cyber

Cyber Liability and HIPAA Compliance

Cyber

Why Hackers Love Healthcare Data

Cyber

Ransomware Rampant in Among Small Businesses

Cyber

What is the cost of a data breach?

General

NOW Insurance closes $2.5 million seed round, enhances AI-enabled platform

Cyber

Cost of a HIPAA Violation

Cyber

How to Create a Small Business Cyber Security Plan

Cyber

Small Business and Cloud Storage: Is Your Data Secure?

Cyber

Social Engineering: 7 Common Red Flags

Insurance Basics

Getting Liability Insurance for Events

General

Starting an Event Planning Business: A to Z

Insurance Basics

How Much Does Event Planning Insurance Cost?

Insurance Basics

Insurance for Event Planners: What You Need to Know

Insurance Basics

What’s Included in Event Planning Insurance Coverage?

Insurance Basics

What Can a Tax Preparer Be Held Liable For?

Insurance Basics

Tax Preparer Insurance 101

General

4 Nurse Staffing Issues to Avoid

General

What You Need to Know to Be a Tax Preparer

Insurance Basics

Insurance for Bookkeepers: A Complete Guide

General

How to Start a Nurse Staffing Agency

Insurance Basics

What is Liability Insurance for Bookkeepers?

General

How to Build Customer Relations in Your Business

Insurance Basics

A Guide to Medical Staffing Insurance

General

Developing an Effective Risk Management Plan

Insurance Basics

All You Need to Know About Therapist Insurance

Insurance Basics

What is Malpractice Insurance for Counselors?

Insurance Basics

Benefits of Therapist Liability Insurance

Insurance Basics

What’s the Average Counselor Malpractice Insurance Cost?

Insurance Basics

Risk and Hazards of Being a Massage Therapist

Insurance Basics

Do Nutritionists Need Insurance?

Insurance Basics

What’s Included In Massage Insurance Coverage?

Insurance Basics

Everything You Need to Know About Malpractice Insurance Coverage For Nutritionists

Insurance Basics

Do Massage Centers Need Insurance?

Insurance Basics

How Much Does Nutritionist Insurance Cost?

Insurance Basics

Insurance Plans For Nutritionists: Everything You Need to Know

Insurance Basics

Massage Therapy Insurance: A Beginner’s Guide

General

Coronavirus Outbreak: 3 Tips to Keep Your Healthcare Business Safe

General

Company Working From Home? Stay Safe of Cyber Attacks

Insurance Basics

Business Interruption Insurance and Coronavirus

General

4 Best Practices for Medical Workers During the COVID-19 Outbreak

Insurance Basics

Inside the Hacker’s Mind – Social Engineering

Insurance Basics

Do Consultants Need Insurance?

Insurance Basics

Fitness Center & Gym Insurance: A Beginner’s Guide

General

Should Your Company Work From Home During the Coronavirus Outbreak

Insurance Basics

Why Your Business Needs Wellness and Fitness Insurance: A Comprehensive Guide

Insurance Basics

What Is the Cost of Gym Insurance?

Insurance Basics

What Insurance Do Consultants Need?

Insurance Basics

How Much Is Insurance For a Consultant?

Insurance Basics

Benefits of Consulting Insurance Coverage

General

Pay as You Go Insurance for Healthcare Professionals

General

You Have Your Physician Assistant’s License: Now What?

General

Why Are You Still Buying Occurrence Malpractice Coverage?

General

What Does Malpractice Insurance Cost?

General

Physician Assistant Malpractice Coverage: A Practical Guide

General

Do Student Nurses Need Malpractice Insurance?

General

Ouch, You Hurt Me! Do Nurse Practitioners Need Their Own Malpractice Policy?

General

What Type of Insurance Do Nurses Need?

General

Understanding Insurance Terms: Back to Basics

General

What Does Professional Liability Insurance Cover?

General

Types of Insurance Available for Small Business Owners

General

Potential Small Business Risks

General

General Liability Insurance: How to Keep your Business Protected

General

Choosing a Business Insurance Provider: Everything You Need to Know

General

Business Insurance Plans – Do I Need One?

General

Benefits of Professional Liability Insurance

General

What Is the Average Cost of Errors and Omissions Insurance?

General

What Is Cyber Liability Insurance?

General

What Does Errors and Omissions Insurance Cover?

General

Cyber Insurance 101: Why You Need It

General

What Does a Cyber Liability Policy Cover?

General

Errors and Omissions Coverage: What Is It & How Does it Work?

General

What Is the Average Cost of Cyber Liability Insurance?

General

Who Needs Errors and Omissions Coverage?