IT Security Missteps for Healthcare Industry in 2019

Published in Member Communities on July 16, 2019

When we know better, we do better. It comes to no surprise that every year there will be security breaches. Our hope is that each year we are able to play a part in limiting the number of breaches that occur. These are just a handful of the data breaches that have happened in the healthcare industry so far this year. We can learn from these incidents and take time to realize the consequences of lagging behind in cyber defense.

Touchstone Medical Imaging

Touchstone Medical Imaging faced a hefty breach costing them $3 million. It occurred when the company left one of its FTP servers open. An FTP server is a type of computer where file exchanges happen. Unfortunately, this ended up being accessible over the internet, letting unauthorized individuals have access to protected health information.

It took the company five months to take actions to secure the information, thereby exposing more patients for even longer. Additionally, they failed to notify the patients of the breach and the media in accordance with federal law.

UW Medicine

One million patients’ PHI was exposed through Seattle’s UW Medicine server. Protections on their server were accidentally removed, causing sensitive information to be accessed by internet search engines. Anyone was able to access this information. It was first discovered by a patient who searched their own name online and saw their personal information displayed in the open. The information exposed was directly related to their patient care, not any social security or financial information. They acted quickly and swiftly upon finding out about the breach, but alerting patients alone cost them $1 million.

Navicent Health

This breach was the direct result of a cyber attack through Navicent’s email system. All PHI was compromised including the financial and social security information. It impacted 278,016 patients.

American Medical Collection Agency

The AMCA had a system hack that impacted twenty million patients. The hack went unnoticed for 8 months. This is obviously a gross amount of negligence on the part of the AMCA and will cost them millions of dollars. The investigation is still ongoing as to why it took them so long to identify the breach and what they plan to do about the attack.

Healthcare industries cannot take cybersecurity too seriously. The information that hackers want is incredibly valuable and it's imperative that the industry takes protecting it seriously. Talk to us about cyber insurance for breach protection.


comments powered by Disqus

From Our Experts

VGM Calls for Heartland Conference Speakers thumbnail VGM Calls for Heartland Conference Speakers VGM is now accepting proposals from prospective speakers for its annual Heartland Conference. SoClean Launches Device to Disinfect Phones, Keys, Household Items thumbnail SoClean Launches Device to Disinfect Phones, Keys, Household Items SoClean recently launched Device Disinfector, which allows for multiple small household items to be disinfected in 10 minutes. Using activated oxygen, it kills up to 99.9% of bacteria and viruses. 6 Ways to Make CPAP Repair Less Painful thumbnail 6 Ways to Make CPAP Repair Less Painful In this episode, we visit with Ronda Buhrmester, Sr. Director of Payer Relations & Reimbursement for VGM & Associates, and Dan Meyer, Chief Revenue Officer for Repair Authority, about providers' most pressing questions about CPAP repair and how Repair Authority has the solutions providers are looking for. Jurisdictions B and C: Claim Payment Alert 151 MUE Incorrect Processing thumbnail Jurisdictions B and C: Claim Payment Alert 151 MUE Incorrect Processing CGS Administrators recently sent out a news alert for Jurisdictions B and C. They aware of a claim payment issue in which some claims may have applied Medically Unlikely Edit (MUE) values incorrectly on the dates September 23, 2020 and September 24, 2020 only. Claims may have paid or denied in error as a result. CGS is correcting this issue and has indicated that it is a number 1 priority with them.  For more information, watch Ronda's vlog. HME - Past, Present & Future:  State of the Industry/Benchmarking Update thumbnail HME - Past, Present & Future: State of the Industry/Benchmarking Update I was honored to recently present at the 2020 HME News Business Summit, which was held Sept. 15-17, and, due to COVID-19, in a first-time “virtual” format. My session included a series of data, trends and analysis as to the state of the industry from 2010 to the present, and included financial and operational highlights from supplier submissions applicable to their 2019 results. Here is a summary of the presentation. Helping Your Employees Rebuild and Find Happiness thumbnail Helping Your Employees Rebuild and Find Happiness Every employee has a different set of circumstances coming at them, especially so far in 2020. While taking care of our employees, we still have businesses to run. To be successful, the best leaders will start with their employees. How do you help your employees to rebuild themselves and also find happiness? DMEPOS Warriors: Michael Tracey with Aspirus At Home Medical Equipment thumbnail DMEPOS Warriors: Michael Tracey with Aspirus At Home Medical Equipment VGM & Associates always enjoys highlighting our members who are a shining example of excellence in DME. The current business environment can be difficult to navigate and generating revenue can sometimes be a challenge. However, Michael Tracey shares with us how he helped lead Aspirus At Home Medical Equipment to success and provides tips for how Aspirus generates revenue. 10 Ways to Keep Your Employees Engaged During a Pandemic thumbnail 10 Ways to Keep Your Employees Engaged During a Pandemic In this episode, we sit down with Arienne Martinez, director of training and development for HOMELINK, a division of the VGM Group. Arienne chats with us about her recent article that was featured in the latest VGM playbook, “Protecting Your Most Important Asset: Your People,” about keeping your employees engaged during the pandemic, especially with much of the workforce working remote.