Healthcare Facilities Remain a Top Target for Data Breaches

Research identifies the impact cyberattacks have on this industry and the help they need to mitigate them.


The HIPAA (Health Insurance Portability and Accountability Act) Security Rule demands that healthcare organizations have safeguards in place to ensure the confidentiality, integrity, and availability of data that qualifies as protected health information (PHI). Violators are financially — and sometimes criminally — penalized. Pleading ignorance of the rule, especially following a healthcare data breach, is not a valid excuse.

In the wake of a global pandemic, stay-at-home orders forced healthcare employees to move away from the more secure networks within hospitals, clinics, and medical centers, to the vulnerable networks of their homes. Therefore, healthcare executives were faced with the challenges of mitigating risks presented by the “new normal.”

While IT professionals quickly pivoted to implement the additional cloud resources necessary to meet privacy laws and regulations both inside and outside the four walls, infiltration attacks were still on the rise throughout 2020.

Why PHI is Highly Prized

The CyberRisk Alliance (CRA) Healthcare Cybersecurity Breach Report, sponsored by Infoblox, explains why healthcare is a target. PHI records contain a patient’s full name, address history, financial information, Social Security number, as well as other personal data that presents a treasure trove of opportunities for the monetization of assets, identity theft, and even ransom attacks. According to credit reporting agency Experian, healthcare data records can fetch a cool grand on the dark web compared to the going rate of just $5 for a credit card number.

Here are the top healthcare industry threats over the last 12 months that CRA uncovered and how IT leaders are responding.

Top Cloud Networking Attacks

The top four cloud networking attacks that healthcare facilities have experienced in the last 12 months are:

  • Data breaches, 53 percent
  • Cloud malware, 47 percent
  • Denial of service or distributed denial of service (DoS/DDoS), 37 percent
  • Malicious insider attack, 37 percent

Top Impacts of a Network Outage

When it comes to the impact that network outages have on their healthcare organization, respondents in the United States cited:

  • Loss of intellectual property or data, 51 percent
  • Customer breach notifications, 51 percent
  • Financial loss, 47 percent
  • Operational disruption, 48 percent

Financial Losses

Among the respondents to the survey, 34 percent reported financial losses of $2 million or more, and 13 percent had losses greater than $5 million. In the United States, 42 percent of respondents cited losses of $2 million or more, with 20 percent having losses greater than $5 million.

Concerning network outages, 43 percent of respondents reported financial losses of $2 million or more, with 15 percent having losses greater than $5 million. In the United States, 56 percent of respondents cited losses of $2 million or more, with 24 percent having losses greater than $5 million.

Anticipated IT Security Threats and Risk Mitigation

Three risks have healthcare organizations most concerned over the next year:

  • Cloud vulnerabilities and misconfigurations
  • IoT attacks
  • Attacks to manipulate data/statistics

Organizations responding to the survey view network monitoring, threat intelligence and threat hunting as the most effective tactics for preventing healthcare data breaches.

Most organizations also realize that preventing healthcare data breaches is much more cost-effective than a reactive strategy. As previously mentioned, the financial losses of data breaches and network outages combined were greater than $10 million for 44 percent of respondents in the United States. Compare that to the 70 percent of U.S. respondents who estimated the projected costs of preventing a breach at less than $5 million annually. It’s easy to see why IT leaders and their organizations are ready to invest in preventative solutions.

Building a More Secure Tomorrow

Securing remote healthcare workforces and reducing the chances of healthcare data breaches require several elements, including good foundational security through secure DDI (shorthand for three core network services: domain name system [DNS], Dynamic Host Configuration Protocol [DHCP] and IP address management [IPAM]). More information is available in the U.S. Department of Health and Human Services (HHS) Cybersecurity Program’s Securely Teleworking in Healthcare report, which offers detailed suggestions for strengthening security in the remote workplace.

Software developers have an opportunity to help healthcare IT professionals create a secure environment on and off the campuses of healthcare organizations. Where can your applications offer value?


The former owner of a software development company, with more than a decade of experience writing for B2B IT solution providers, Mike is co-founder of DevPro Journal.