A wave of data breaches has hit the healthcare industry, bringing in new concerns for healthcare providers with the start of the New Year. It has been noted that the recent data breaches have stemmed from stolen mobile devices and incidents of identity theft. The recent data breaches also included one that resulted from a telephone scam and another from the loss of a laptop.

Gibson General Hospital in Princeton, Ind., experienced a major data breach when alaptop containing personal information on thousands of patients was stolen from an employee’s home in an incident of burglary. This laptop was being used by an employee who required continuous access to patient records. According to the hospital, the laptop had security measures in place, including password protection. However, the device is said to have contained patient names, addresses, social security numbers, and clinical information, which may be at risk. The hospital has sent notifications to 29,000 patients being treated from 2007.

In a similar incident, the University of Michigan Health System notified nearly 4000 patients regarding a potential breach following the theft of an unsecured electronic device from the car of an employee of the hospital management’s vendor Omnicell. According to Detroit Free Press, the device contains medication, demographic and health details of patients at three hospitals treated between October 24th and November 13thlast year.

The Louisiana State University health system also experienced a similar data breach which has put patient financial information at risk. In this incident however, a former billing department employee has been charged with 377 counts of identity theft. The health system notified 416 patients after a hospital employee reported that counterfeit checks totaling up to $2,500 were written on her account.

In yet another incident, which affected 1,090 clients of Kentucky Medicaid, personal information including social security numbers was compromised. This was a result of an employee of Carewise Health (a subcontractor of Hewlett-Packard Enterprise Services) who manages Medicaid’s Information management system, fell for a hacking attack, which gave the hacker unauthorized remote access to the facility’s system.

Although in general hackers are in the lookout for financial information which they can benefit from, the more targeted attacks taking place in the current day tell a different story. It clearly reveals the potential for cyber-terrorism and the possibility for much darker schemes in the coming future.

This situation calls for serious action from healthcare entities. Healthcare providers, physicians, and their business associates should be educated about protecting patient health records, especially those that are stored in electronic form. A comprehensive data security platform like SecureGRC is the ideal solution for healthcare providers, as it comes with the capability to detect vulnerabilities and loopholes in the system, curbs threats and thus prevents data breach incidents from taking place.

The post Are there More Data Security Woes for Healthcare Entities in 2013? appeared first on Aegify.