Modern healthcare is dependent on technology. In audiology, we have sophisticated technologies to screen and diagnose patients, improve hearing aid fittings, optimize operations, and help us provide the Best Care Experience to every patient. While these technical advancements are valuable for our industry, we need to be mindful and protect our businesses from cybersecurity risks.
There have been increased attacks on healthcare organizations in recent years, demonstrating the need for enhanced cybersecurity measures in the healthcare industry. According to the U.S Department of Health and Human Services, during almost every month of 2022, more than 1 million people were affected by data breaches at health-care organizations. And ransomware attacks targeting healthcare delivery organizations doubled from 2016 to 2021.
Cyberattacks can be devastatingly expensive. For starters, HIPAA fines start at thousands of dollars and can go up to as much as $1.5 million per incident. In addition to the exorbitant costs, data breaches can also cause irreputable damage to a hearing practice’s professional reputation and future revenue due to a loss of patient trust as well as negative media coverage and poor online reviews.
The largest healthcare cyberbreach to date was an attack on Anthem, Inc. In 2015, Anthem reported unauthorized access of consumer information, including member names, health identification numbers, birthdates, Social Security numbers, addresses, telephone numbers, email addresses, employment information, and income data. The breach was discovered by an employee – a database administrator who noticed his credentials were being used without his knowledge or consent. Since the data breach also included past enrollees, up to 80 million people had their personal information compromised. Anthem ultimately paid $39 million to resolve the ensuing litigation.