Social security number or credit card information? According to partner Lynn Sessions and associate Nita Garg of Baker Hostetler, medical information is the most valuable to hackers.
“Hackers have increased their focused attacks on the U.S. healthcare industry,” they said, relying on information from the Ponemon Institute citing a 20 percent increase in healthcare organizations reporting cyberattacks between 2009 and 2013. According to security experts, this increase stems from weak institutional security coupled with profitability of health records. “Unlike credit cards, which may be quickly canceled once fraudulent activity is detected, it often takes months or years before patients or providers discover the theft of medical information,” said Sessions and Garg.
We reported recently that the majority of health care breaches stem from the health care providers themselves. Between 2011 and 2012, protected health information was the leading cause of breaches in the health care industry, whether through theft, loss, unauthorized access or hacking incidents. The authors noted in their post that many healthcare companies rely on old computer systems. This, along with the switch from paper medical records to electronic ones, adds electronic fuel to the online fire. In the black market, health information is 10 to 20 times more valuable than a credit card number, they said. This information includes names, birthdays, policy number, diagnosis codes and billing information, they said.