IT Security Missteps for Healthcare Industry in 2019

Published in Member Communities on July 16, 2019

When we know better, we do better. It comes to no surprise that every year there will be security breaches. Our hope is that each year we are able to play a part in limiting the number of breaches that occur. These are just a handful of the data breaches that have happened in the healthcare industry so far this year. We can learn from these incidents and take time to realize the consequences of lagging behind in cyber defense.

Touchstone Medical Imaging

Touchstone Medical Imaging faced a hefty breach costing them $3 million. It occurred when the company left one of its FTP servers open. An FTP server is a type of computer where file exchanges happen. Unfortunately, this ended up being accessible over the internet, letting unauthorized individuals have access to protected health information.

It took the company five months to take actions to secure the information, thereby exposing more patients for even longer. Additionally, they failed to notify the patients of the breach and the media in accordance with federal law.

UW Medicine

One million patients’ PHI was exposed through Seattle’s UW Medicine server. Protections on their server were accidentally removed, causing sensitive information to be accessed by internet search engines. Anyone was able to access this information. It was first discovered by a patient who searched their own name online and saw their personal information displayed in the open. The information exposed was directly related to their patient care, not any social security or financial information. They acted quickly and swiftly upon finding out about the breach, but alerting patients alone cost them $1 million.

Navicent Health

This breach was the direct result of a cyber attack through Navicent’s email system. All PHI was compromised including the financial and social security information. It impacted 278,016 patients.

American Medical Collection Agency

The AMCA had a system hack that impacted twenty million patients. The hack went unnoticed for 8 months. This is obviously a gross amount of negligence on the part of the AMCA and will cost them millions of dollars. The investigation is still ongoing as to why it took them so long to identify the breach and what they plan to do about the attack.

Healthcare industries cannot take cybersecurity too seriously. The information that hackers want is incredibly valuable and it's imperative that the industry takes protecting it seriously. Talk to us about cyber insurance for breach protection.


comments powered by Disqus

From Our Experts

NCART: House Circulates Sign-On Letter for CRT Manual Wheelchair Accessories thumbnail NCART: House Circulates Sign-On Letter for CRT Manual Wheelchair Accessories NCART recently announced some good news from our Congressional champions. As we prepare for National CRT Awareness Week, Representatives John Larson (D-CT) and Lee Zeldin (R-NY) are circulating a bipartisan letter to CMS for additional signatures to ensure people with disabilities who use Complex Rehab Technology (CRT) manual wheelchairs have the same access as those using CRT power wheelchairs. We need you to get your Representative to sign on! HME News: Accessories: Time to Follow Up, Stakeholders Say thumbnail HME News: Accessories: Time to Follow Up, Stakeholders Say Complex rehab stakeholders are working with their champions in Congress to craft a letter asking CMS to permanently change its payment policy on accessories for complex rehab manual wheelchairs, according to a recent article from HME News. HME News Business Summit 2020 thumbnail HME News Business Summit 2020 Join us as we talk with Liz Beaulieu, Editor of HME News, about the upcoming virtual HME News Business Summit. DMEPOS Warriors: Brooke Strachan, Owner of The Boob Shop thumbnail DMEPOS Warriors: Brooke Strachan, Owner of The Boob Shop When hard times come, it's not always easy to think on the bright side. For Brooke Strachan, finding the positives in any situation is her philosophy, and this state of mind is what led to her owning her own business. More Details on Medicare Audits Beginning August 3 thumbnail More Details on Medicare Audits Beginning August 3 In recent meetings with CMS, The van Halem Group has learned that while the date to begin medical review functions is August 3rd, there will likely be a delayed time frame before audit requests officially go out. CMS is currently working to develop instructions for contractors and intends to take a "toe in the water” approach, as opposed to opening up a flood gate of audits. HME News: Challenging Fall Awaits Complex Rehab Providers thumbnail HME News: Challenging Fall Awaits Complex Rehab Providers Don Clayback, executive director of NCART, stated that complex rehab providers could see a downturn in revenues in late summer, early fall. 2020 HME Woman of the Year Nominations Open Through August 14 thumbnail 2020 HME Woman of the Year Nominations Open Through August 14 Now in its fifth year, the award, sponsored by VGM, recognizes one woman in the industry who has made increasingly significant contributions throughout her career to her company, community, and the home medical equipment industry. VGM's Mike Mallaro on How to Get to the Other Side thumbnail VGM's Mike Mallaro on How to Get to the Other Side The COVID-19 pandemic has broken the mold for how the HME industry has always done business, but that can create opportunity—if providers are open to it, says VGM CEO Mike Mallaro.