Hospitals and health systems within the U.S. account for around one-fourth of all U.S. cyberattacks, making healthcare the No. 1 industry targeted by data breaches, according to a survey from law firm BakerHostetler and cited by Corporate Counsel.
The publication interviewed healthcare attorney Lynn Sessions, who is an expert in healthcare cybersecurity. During her 20-plus year career, she has handled more than 550 industry data breaches.
Below are three cybersecurity trends noted by Ms. Sessions.
1. Phishing emails are the biggest source of data breaches, followed by inside jobs.
"The first trend is that healthcare continues to be under attack, both from outside sources such as hackers as well as through some inside jobs. Because HIPAA is the overarching law in this space, it sets a low threshold for notification purposes," Ms. Sessions told Corporate Counsel.
2. Hospitals are now beginning to invest more in cybersecurity.
"As more of these organizations use electronic medical records, they are amassing large volumes of healthcare data for really good reasons and for a long time," she said. "So, it has become a necessity to create a position high up in the organization to oversee the security function."
3. Unauthorized viewing of medical records by employees is becoming more common.
"The Office of Civil Rights takes employee snooping very seriously. I see about one case a month involving it. You have to educate your staff, and a bad acting employee has to be sanctioned, up to firing, depending on the case," she told Corporate Counsel.