An increasing share of cybercriminals are targeting EHRs, HHS warned healthcare providers in a Feb. 17 threat brief.
“It is recommended that healthcare leaders shift their focus by moving beyond a prevention strategy and creating a proactive preparedness plan," HHS said in the brief.
The brief detailed why EHRs are such attractive targets for hackers. It outlined the 18 identifiers that "provide criminals with more information than any other breached record." They are the following:
- Names
- Dates, except year
- Telephone numbers
- Geographic data
- Fax numbers
- Social Security numbers
- Email addresses
- Medical record numbers
- Account numbers
- Health plan beneficiary numbers
- Certificate/license numbers
- Vehicle identifiers and serial numbers including license plates
- Web URLs
- Device identifiers and serial numbers
- Internet protocol addresses
- Full face photos and comparable images
- Biometric identifiers (such as retinal scans and fingerprints)
- Any unique identifying number or code