The personal information held by clinics, hospitals, and other businesses involved in healthcare is more vulnerable to hacking than confidential data held by financial institutions, according to experts.
This is because the medical forms that patients submit to their health insurer and health professionals can be easily accessed by cyber criminals as the healthcare industry lags behind banks in safeguarding sensitive information, such as names, birthdates, and Social Security numbers.
With these pieces of information, hackers can steal a person’s identity, file false tax returns, create fake medical records, and open lines of credit.
“It’s an entire profile of who you are,” said Cynthia Larose, head of the privacy and security practice at Boston-based law firm Mintz Levin. “It essentially allows someone to become you.”
Moreover, Gartner cybersecurity analyst Avivah Litan believes that the sector is ten years behind the financial industry when it comes to protecting client data, and cybercriminals are more likely to succeed in hacking these establishments.
In contrast, banks are more vigilant in safeguarding customer data. For example, they encrypt their clients’ information and are more likely to use behaviour analytics programs and complex statistical models that can detect possible fraud, such as the use of stolen or fake credit cards.
Furthermore, experts pointed out that the healthcare industry suffered its biggest data leak in 2014 when the sensitive information of more than ten million Americans was compromised via hacking or accidents that led to data breaches such as lost laptops, revealed a government database that monitors incidents that impact a minimum of 500 people.