Health systems need to show a greater “culture of security,” as data breaches continue to show “a relentless uptick,” Fortified Health Security service notes in a 2023 mid-year report.
So far in 2023, the number of cybersecurity incidents within healthcare has increased by a whopping 104% — affecting 40 million individuals — over the same time period last year, the report shows.
The report, released at the end of last month, investigates the myriad security challenges facing healthcare companies, including how ChatGPT offers new avenues for leaking data to third parties.
“The first half of 2023 has presented hospitals and health systems with a host of challenges that are hard to ignore,” Fortified Health CEO Dan Dodson said in the report. “From staffing and budget constraints to technological and cybersecurity limitations, the task of ensuring patient safety and data protection has become increasingly demanding.”
Dodson spoke with McKnight’s Long-Term Care News earlier this year about how COVID issues and staffing needs may have caused providers not to prioritize spending on data security, to their detriment.
Other experts have sounded the alarm recently as well, characterizing cybersecurity as the biggest concern within the healthcare industry.
Some specific recommendations the report makes is for companies to institute multifactor authentication in all systems and internet-facing resources, and for risk-based identity alert monitors that could automatically block access from users flagged as suspect.
Although the explosion of AI in healthcare is too new a development for hard data, the report cites several experts expressing concern or outright alarm at the lack of evaluation or policies to make sure tools such as ChatGPT don’t increase security threats.
Some solutions could come from the federal government, in the form of new legislation, new rules requiring public disclosure of attacks, or continued access to federal grants, the report states.
So far in 2023, the majority of breaches have been reported by healthcare providers, and three-quarters of the data leaks were attributed to hacking. Data leaks have proved to be costly and time-consuming, with high-profile cases such as HCA Healthcare’s data leak last month that led to multiple lawsuits.
The full report can be accessed for free here.