The document discusses data breaches in the healthcare sector. It notes that data breaches have become more prevalent due to security loopholes that make intruder penetration and access easier. Reasons for data breaches include technological advancements, gaps in business procedures and security, lack of technological skills and employee unawareness of information systems. Potential solutions discussed include educating healthcare staff on security measures, implementing data usage controls, encrypting data, and conducting regular risk assessments.
Hierarchy of management that covers different levels of management
Healthcare Data Breaches: Causes and Solutions
1. Hello Shreya,
Detailed analysis of data breaches that occurred in the
healthcare sector
The instances of data breaches have now been prevalent
because the security networks have some loopholes by which
the intruders’ penetration and accessibility become easier and
efficient. The authors also illustrated in the article the diverse
factors that accelerate data breaching concerning technological
advancement (McLeod & Dolezel, 2018). Apart from the
loopholes in the organizational elements, certain gaps in
business procedure also expose the security threats facilitating
data breaches multiple times. In this scenario, technological
availability is one of the major reasons for occurring data
breaches. The healthcare sector incorporates diverse advanced
technologies to secure their stored patients’ information pieces
concerning technological improvements. Lack of technological
skills leads to human errors from where data breaches have
become more general, reflecting the severity of the attack i n the
healthcare sector that is articulated in the article. Accordingly,
employees’ unawareness about the information systems also
leads to data breaches. Due to their lack of concern, the
specifications in the security applications have not been
processed, ultimately leading to the massive failure in securing
the patients’ data.
Reasons of causing those problems
Data breaches that occurred in the healthcare sector
might be caused by insisting on diverse factors. Human error is
an important factor, proliferating the vulnerable areas within
databases and other information systems multiple times. The
intruders acquire the opportunities to access the databases
compromising massive data. The certain erroneous actions of
employees also lead to massive failure in business procedures,
exposing the severity of data breaches. Accordingly, using weak
passwords in databases containing the patients’ information and
2. leaving those data unencrypted has also led to severe problems,
facilitating easier data hacking methods. In addition, while the
authority does not patch software periodically, the vulnerability
within the software has been exposed from where the hackers
have acquired the possibility for intrusion and proceeded with
data breaches. Due to technological incapability, sometimes, the
healthcare authority does not regulate data transmissions
actively, leaving the stored data susceptible and actively
enhances the risks of exposure to data breaches. Human errors
always enhance these loopholes multiple folds from where the
severe problems have been facilitated.
Potential solutions against the threat factors
Hello DEEPESH,
Technology in healthcare is providing numerous opportunities
to transform and improve the services such as improving
clinical outcomes, reducing human errors, keeping patient data
up to date for research purposes etc. Information Systems,
Internet of medical things, cloud services have transformed the
healthcare industry digitally. Data has become an important part
for the healthcare industry to provide better services. With the
increase in demand to the technology and reliability on data in
healthcare industry, there is also a spike in the data breaching
instances. As per a report, In the United States 600 healthcare
data breaches has been reported in year 2020 which was the
55% increase than the previous year. These figures depict the
increased impact of cybersecurity and data breaches (Vaidya,
2020).
Health insurance companies are the main victims of data
breaches which exposed the personal data of their customers
including birth dates, place, names, addresses, SSN, and other
important info. Financial data easily become unusable as people
can easily change their debit/credit numbers but in case of
medical data, it is unvindicable and hence become so useful for
cybercriminals. Mostly they target data from pharmaceutical
3. and biotech intellectual property. In the healthcare industry
everything like health application over phone, insulin pumps are
well networked which leaves unique openings for hackers and
leads to security breaches.
Data in technology plays a crucial role, so the necessary steps
should be taken to prevent it from compromising. Healthcare
industry should follow HIPAA security and privacy rules. Apart
from this, educating healthcare staff about the security measures
is also very necessary. Implementing data usage controls,
encrypting data, giving only necessary access to staff, securing
mobile devices, conducting regular risk assessments, mitigating
connected device risks, logging and monitoring use, restricting
access to data and applications, carefully utilizing off-site data
backup are the other important measures to be practiced (Lord,
2020).
Hello Pritesh,
Discussing the case study in detail
According to Wang & Johnson (2018), the discussion is mainly
on the data breach incident in Equifax. This cyber-attack case
happened in March 2017, where the personal data of millions of
people was stolen from the system of Equifax. Through this
incident, Equifax has faced a lot of financial problems, and the
condition of the people's health also became a great concern for
the company. This case study shows some of the important
information of how the situation has happened in the company
and what things are lacking within the system for which the
attackers get the chance to involve within the system.
Reasons for having this data breach problem
As per the cyber-security experts' report, several security lapses
within the system allow the attackers to enter into the system.
Another reason is an SSL certificate that they used for security
purposes also expired, and for that incoming traffic network
could not be decrypted properly. The attackers get the chance to
involve and encrypt their activities and make some decent
4. changes within Equifax's server. It is seen that Equifax was
unaware of the suspicious activities, and also they are lack in
this situation's knowledge, and for that reason, this problem has
arisen within the system. Around 143 million customers
suffered from this incident, and this is one of the biggest data
breach incidents that causes a big failure to the company's
reputation, work culture and trust that they gained from the
customers all goes in vain with this incident. The technologies
that have been involved within the company did not work as it
required to be done, and for that, they fail to protect this
personal data of the customers, and this made a big blunder for
the company to manage the situation well.
Potential solutions
As per the discussed situation, it could be said that Equifax
needs to update the SSL certificate procedure first as it the main
equipment of Equifax to protect any unethical or unauthorized
operation done within the
Hello Akif,
Cause of the problem
Data is very vulnerable at the same time, very important
for any organisation. A lot of data is generated in different
organizations. They are also doing a lot to make sure that the
data is protected in the right manner. In healthcare as well, the
concept of data integrity has become a major concern (Pandey et
al., 2020). Data breaches in healthcare can result in a lot of
consequences. Managing the data in healthcare is very critical,
but it is also very difficult to handle them due to composite it
since it is also complex in the hospital and can feel capacity
pressure. The leakage of patient information is very vulnerable.
Due to huge complexity and constant pressure, it becomes very
difficult to handle the data in the right order.
The solution to the problem
5. The Healthcare sector is one of the vulnerable areas, and thus it
is important to solve the problem, but initially, it is important to
find the issue through which it occurred so that we can go in
finding the right solution to mitigate the risk. One of the areas
is human error, as per which there are various reasons why
humans become an unknown reason for the data breach. Due to
a lack of consciousness or any carelessness of the internal
associate, the problem may take place, and thus it is important
to have detailed information about the same (Chernyshev et al.,
2019). Thus it is very important to have a good policy that
employees of the organisation should follow. The data breach
situation can also be resolved with the help of proper
technological equipment in the company. The new data help fill
the gap between the two ministers; the companies need to keep
updating uses and adopt new approaches that will help better
understand.
It is essential to give the staff in the organisation a proper
understanding of what is to be done if the need use any quick
action can be taken. The restriction must be there concerning
the data and its access so that it will be more secure, and thus
the action and track of people will be kept. It is important to
keep monitoring because the update and all can be properly
taken place with. For the double security aspect, it is beneficial
to always encrypt the data as the data will remain safe even if it
is stolen since then, the attacker will not be able to harm me.
Mobile devices are connected with security and all of those
aspects (Seh et al., 2020). Various risks are also incorporated
with the connected devices, and thus it is important to keep
track of the same. It is also used to mitigate the risk so that it
wouldn't be transferred. It is also a good action to keep doing
the risk assessment since it will be well known what is to be
done in the case of the risk. It is also important to keep the
password, and other protecting elements keep changing since it
blocks the path of the mitigation.