A new study finds that teaching hospitals are more likely to suffer from data leaks.
In a new study published by the Journal of the American Medical Association (JAMA), researchers found that larger health care providers and teaching hospitals are more likely to have data breaches. At the John Hopkins Carey Business School, Assistant Professor Ge Bai identified that around 1,800 data breaches were reported in the last 7 years, and he found that, the larger the hospital, the more data breaches occur.
The authors of the study revealed that in 2016 hospitals, 257 breaches were reported. A number of them were breached multiple times; most of them being major teaching hospitals.
Why do hackers want my medical records?
Unlike bank details, medical records are not always an obvious target. Armed with bank details, hackers can easily transfer money straight out of victims’ bank accounts; resulting in an evident financial loss. With medical records, we tend to think… ‘who would want to know which patients have a bunion or a broken leg?’
Medical records are heavily targeted by hackers as they contain sensitive and private information that can be extremely valuable to dark web users. They can use this information to access further sensitive information by impersonating the data owner. They can also use the information to impersonate a service provider like the data owner’s bank. When someone gets a call from their ‘bank’ who can verify their date of birth and address, they may be fooled into thinking the caller is indeed from their bank. In some cases, hackers will use the stolen information to blackmail the data owner, holding the sensitive and potentially embarrassing information hostage for a ransom.
A “fundamental trade-off”
Due to the nature of medical records, they need to be accessed easily and quickly by doctors when attending to patients. For example, when a patient comes in and is unconscious, doctors need to know if they have any allergies to any medications to avoid severe allergic reactions. The medical world is constantly changing and therefore researchers need access to medical information to find cures and remedies for the ever-changing diseases and ailments.
In the JAMA, researchers identified the existence of a “fundamental trade-off” between data access and data security, highlighting that “Broad access to health information – essential for hospitals’ quality improvement efforts and research and education needs” significantly increases the risk for a data breach.
The study was carried out after cyber-attackers gained access into MedStar Health’s system and encrypted all their medical records. They held the information for ransom. In January, over 1,300 people were also affected by a breach into the University of Maryland Orthopaedics Associates. Countless hospitals all over have been attacked by hackers. British hospitals and healthcare centres are constantly finding themselves victims of data hacking. So, with that being said, are teaching hospitals within the NHS at an increased risk of data leaks?
“Data breaches negatively impact patients and cause damage to the victim hospital. To understand the risk of data breaches is the first step to manage it” said Bai. “It is very challenging for hospitals to eliminate data breaches, since data access and sharing are crucial to improve the quality of care and advance research and education.” It is undeniable that our hospitals need a security upgrade: One that provides doctors and other medical professionals with vital patient information quickly without compromising security.
Has this happened to you?
If you have experienced your medical records being breached by hackers or your medical information has been shared without your permission or knowledge, request a callback today from one of our Data Leak Lawyers who could earn you compensation.
Simply fill in the form below and one of our Data Protection Act experts will be in touch.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.