December 17, 2015//Tori TaylorLast Updated: February 03, 2022
On the black market, medical records are ten times more lucrative than credit cards. Which explains why some of the largest data breaches of the last decade have been healthcare providers and health-insurance companies.
While security experts were urges hospital IT departments to bunker down to prepare for the inevitable onslaught of attacks, it appears a string of companies that work outside the healthcare sector lost medical records as well – sometimes without even knowing it.
Verizon business division recently published a finding that shows healthcare companies are only part of the problem. According to the report, 90 percent of industries, including financial services, retail, construction, education and others, have suffered breaches that compromised personal health information – or PHI.
Companies outside of healthcare typically house PHI in databases of employee benefits programs and the like. The most troubling part of this newly illustrated information is that many of these companies have no idea how valuable these records are. As a result, extensive precautions to protect them are rarely taken.
Suzanne Widup, the report’s lead author, explains, “They’re focused on protecting their customer data, or they’re focused on their intellectual property. And that’s why I think that when some of these breaches have happened, it’s been a bit of a shock to organizations.”