The importance of cybersecurity in Healthcare

The healthcare industry has historically been a primary target of cyber-attacks. According to the 2022 Cost of a Data Breach Report by IBM and Ponemon Institute, healthcare breach costs hit a new record high: the average breach in healthcare increased by nearly USD 1 million to reach USD 10.10 million. Healthcare has been the most expensive industry for breach costs for 12 years running, with costs increasing by 41.6% since the 2020 report. Healthcare organizations are particularly vulnerable and targeted because they hold information of high monetary and intelligence value to cyber criminals. Healthcare data includes patients’ protected health information (PHI), financial information such as credit card and bank account numbers, personally identifying information (PII) such as Social Security numbers, and intellectual property related to medical research and innovation.

According to Thomson Reuters, a stolen health record is worth more to hackers than your credit card and may sell up to 10 times more than stolen credit card numbers on the dark web. Unfortunately, the bad news does not stop there for healthcare organizations — the cost to remediate a breach in healthcare is almost three times that of other industries — averaging $408 per stolen healthcare record versus $148 per stolen non-health record. 

In this article, you will read about:

  • What is Healthcare Cybersecurity?
  • Types of attacks
  • Biggest Healthcare Industry Cyber Attacks of 2022
  • Cybersecurity Strategies and Regulations
  • The importance of Protecting Data with Access, Credential Management, and Privilege Controls
  • How can Rainbow Secure help

What is Healthcare Cybersecurity? 

Healthcare cybersecurity involves a variety of measures to protect organizations from external and internal cyber-attacks and ensure the availability of medical services, proper operation of medical systems and equipment, preservation of confidentiality and integrity of patient data, and compliance with industry regulations. 

Types of Attacks 

According to the HHS Office of Information Security’s “2020: A Retrospective Look at Healthcare Cybersecurity,” ransomware attacks accounted for almost 50% of all healthcare data breaches.  

With respect to specific attack types, the 2021 Verizon Data Breach Investigations Report states that 86% of covered healthcare breaches were caused by:

  • Errors (including mis-delivery) 
  • Web application attacks 
  • System intrusions, including those involving credential theft 

According to HIPAA Journal, “347 healthcare data breaches of 500 or more records were reported to the Department of Health and Human Services’ Office for Civil Rights” in the first half of 2022 alone. And Tetra Defense reported that healthcare accounted for nearly 20% of their incident responses in the first quarter of 2022. 

The personal healthcare information stored by healthcare providers is of great value. The information is critical, yet it is not necessarily secured with cutting-edge defenses, and uninterrupted access to it is needed 24×7 to care for patients. Threat actors are well aware of this situation, which is what makes healthcare such a prime target for cybercriminals. Let’s look at 10 of the biggest cyber-attacks of 2022.

Biggest Healthcare Industry Cyber Attacks of 2022 

1. OneTouchPoint, Inc. 

The Wisconsin-based company suffered a breach involving more than 4.1 million individuals. OneTouchPoint provides mailing, marketing, and other services to healthcare organizations. 

The company said it learned of the breach beginning on April 27. On June 1, OneTouchPoint said the company learned it would not be able to determine what specific files were accessed. 

The scope of information potentially involved included names and information that may have been provided during a health assessment, the company said. 

2. Advocate Aurora Health 

The health system, which operates hospitals in Illinois and Wisconsin, suffered a breach involving 3 million patients. 

Advocate Aurora, one of America’s largest non-profit health systems, said in a statement that some information has been transmitted to other companies due to tracking technologies from Facebook and Google. These online tools, called pixels, track patient trends and preferences on Advocate Aurora’s websites. Many hospitals, and many other businesses, use pixels on their websites. 

3. Connexin Software, Inc. 

The company, which provides electronic medical records and other information technology services to pediatric practices, suffered a breach affecting more than 2.2 million people, the health department says. 

The Pennsylvania-based company, known as Office Practicum, said it discovered an anomaly on its computer network on Aug. 23. On Sept. 13, the company determined hackers removed some patient data. More than 100 practices were affected, the company said. 

4. Shields Health Care Group 

The Massachusetts-based company was hacked and the breach affected 2 million people, according to the health department. The department said it was notified on May 27. 

Shields, which provides imaging and outpatient services throughout New England, said in a statement that it was alerted on March 28 to suspicious activity that may have involved data compromise.

5. Professional Finance Company, Inc.

The Colorado-based company, which collects debts for healthcare systems, suffered a cyberattack that affected more than 1.9 million people, the health department said. 

Professional Finance Company said in a statement that it “detected and stopped a sophisticated ransomware attack” in February. The company said that an investigation found that certain private health information was accessed.  

PFC said it notified healthcare providers in early May about the breach, and hundreds of companies were affected. Here’s the list provided by PFC. 

6. Novant Health

Breaches involving tracking technology are becoming more common. 

Novant Health notified some of its patients and customers about the potential disclosure of patient health information to Meta due to what it described as an incorrect configuration of a pixel. More than 1.36 million people were affected, according to the health department. 

Novant said it determined on June 17, 2022, that private health information may have been disclosed to Meta, which operates Facebook and Instagram. The information could have been disclosed through Novant’s website and the MyChart portal, the North Carolina-based system said. 

7. Broward Health 

The Florida-based health system reported the breach affecting 1.35 million people on Jan. 2, 2022, the health department said. 

Broward Health said in a statement that someone gained access through a third-party medical provider. The system said it discovered the breach on Oct. 19, 2021, and notified the FBI and the U.S. Department of Justice. Broward Health said the justice department advised the organization to “briefly delay this notification to ensure that the notification does not compromise the ongoing law enforcement investigation.” 

8. Texas Tech University Health Sciences Center 

The health sciences center was hit in a hacking incident that affected 1.29 million people, the health department said. The breach was reported to the department on June 7. 

Citing a news release from Texas Tech, FOX 34 in Lubbock, Texas reported that the organization said the breach involved information held by Eye Care Leaders, Inc., a third-party service provider of an electronic medical records system used by Texas Tech’s health sciences center. 

9. American Medical Collection Agency 

In 2018, hackers breached American Medical Collection Agency (AMCA), which supplied billing collections services for Quest Diagnostics, LabCorp, and others.  

The unknown attacker was able to access and steal patient data, including Social Security numbers, addresses, dates of birth, medical information, and payment card information. The stolen data was later advertised for sale in underground forums on the dark web.  

After AMCA’s four largest clients terminated their agreements, the company filed for bankruptcy. Meanwhile, a multistate investigation into the breach by 41 attorneys general, which concluded in December 2020, held the company liable for $21 million in injunctive damages.

10. Trinity Health 

Trinity Health experienced one of the largest impacts among healthcare providers from the 2020 ransomware attack on Blackbaud, a vendor of cloud-based customer relationship management software.

The attack on one of Blackbaud’s self-hosted cloud servers affected hundreds of customer organizations around the world, including more than two dozen healthcare organizations, and led to the compromise of more than 10 million records.   

Cybersecurity Strategies and Regulations 

To help healthcare organizations safeguard critical assets and data, government and industry bodies have published compliance mandates and recommendation frameworks, such as: 

General security and privacy:  

  • HHS and Healthcare and Public Sector Coordinating Councils’ “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” provides a “common set of voluntary, consensus-based, and industry-led guidelines, best practices, methodologies, procedures, and processes” to help healthcare organizations reduce cyber risk. 
  • The HIPAA Security Rule establishes national standards to protect individuals’ electronic personal health information (ePHI). The Security Rule mandates compliance with administrative, physical, and technical safeguards to ensure ePHI’s confidentiality, integrity, and security, including, among others, access control. 
  • NIST’s “HIPAA Security Rule Crosswalk to NIST Cybersecurity Framework” maps HIPAA Security Rule standards and implementation specifications to applicable NIST Cybersecurity Framework sub-categories. 

Protection from ransomware:  

  • HHS’s “Ransomware Fact Sheet” offers specific guidance for protection against ransomware and recovery — specifically in the context of HIPAA notification rules. 
  • CISA’s alert (AA21-131A) “Darkside Ransomware: Best Practices for Preventing Business Disruption from Ransomware Attacks” provides mitigation recommendations to reduce ransomware risks, including:
      • Requiring multi-factor authentication for remote access
      • Enabling strong spam filters to prevent phishing emails from reaching end users
      • Implementing a user training program and simulated spear phishing attacks
      • Filtering network traffic
      • Updating software, including operating systems, applications, and firmware
      • Limiting access to resources over networks, especially by restricting RDP
      • Setting antivirus or antimalware programs to conduct regular scans
      • Ensuring user and process accounts are limited through account use policies, user account control, and privileged account management
      • Preventing unauthorized execution by:
          • Implementing application allowlisting and Software Restriction Policies (SRPs)
          • Disabling macros in Microsoft Office attachments
          • Monitoring or blocking inbound connections from anonymization services (Tor) and post-exploitation tools (Cobalt Strike).

The importance of Protecting Data with Access, Credential Management, and Privilege Controls 

All healthcare cybersecurity frameworks and regulations place great importance on safeguarding access. For example, the NIST Cybersecurity Framework includes Access Control (PR.AC) and Protective Technology (PR.PT) in its “Protect” pillar. NIST prescribes that “access to assets and associated facilities” must be “limited to authorized users, processes, or devices, and authorized activities and transactions.” This includes the following requirements specific to digital access: 

  • PR.AC-1: Identities and credentials are managed for authorized devices and users.
  • PR.AC-3: Remote access is managed.
  • PR.AC-4: Access permissions are managed, incorporating the principles of least privilege and separation of duties.
  • PR.PT-3: The principle of least functionality is incorporated by configuring systems to provide only essential capabilities. This is critical to limiting the attack surface and upholding the least privilege principle.

Protecting access is foundational to implementing a Zero Trust model and the overall defense-in-depth strategy.  

Some examples of specific measures to safeguard access and privilege include the following: 

  • Implementing adaptive multi-factor authentication and single sign-on to prevent incidents resulting from credential compromise 
  • Protecting access to privileged accounts to foil takeover attempts and prevent breaches 
  • Ensuring user and process accounts are limited through account use policies, user account control, and privileged account management 
  • Securing remote third-party access to reduce the risk of breaches arising from the compromise of vendors, contractors, business partners, and other external parties. 
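The measures above (least privilege per persona, MFA for remote access as CISA recommends, and time-boxed third-party access) can be expressed as a deny-by-default access decision. This is an added illustration, not Rainbow Secure code; the persona names, the permission table, the action names and the Unix-timestamp expiry field are all constructed for the example.

```python
"""Deny-by-default access decision for a patient-data application (added example)."""
import time
from dataclasses import dataclass
from typing import Optional, Tuple

# Least privilege (PR.AC-4): each persona gets only the actions its job needs.
# Constructed permission table; in practice this comes from the IAM system.
ROLE_PERMISSIONS = {
    "clinician":          {"ehr:read", "ehr:write", "imaging:read"},
    "community_provider": {"ehr:read"},
    "volunteer":          {"schedule:read"},
    "contractor":         {"billing:read"},   # third-party access kept narrow
}


@dataclass
class AccessRequest:
    user: str
    persona: str
    action: str
    remote: bool
    mfa_verified: bool
    third_party: bool = False
    access_expires: Optional[float] = None    # Unix time; vendor access is time-boxed


def decide(req: AccessRequest, now: Optional[float] = None) -> Tuple[bool, str]:
    """Return (allowed, reason). Any failed check denies; unknown personas get nothing."""
    if now is None:
        now = time.time()
    granted = ROLE_PERMISSIONS.get(req.persona, set())
    if req.action not in granted:
        return False, "action not granted to persona (least privilege)"
    # PR.AC-3 and the CISA guidance: remote access is managed and requires MFA.
    if req.remote and not req.mfa_verified:
        return False, "remote access requires multi-factor authentication"
    # Vendors, contractors and other external parties: access must carry an
    # explicit expiry, and the expiry is enforced on every request.
    if req.third_party:
        if req.access_expires is None:
            return False, "third-party access must have an expiry"
        if now >= req.access_expires:
            return False, "third-party access window has expired"
    return True, "allowed"


if __name__ == "__main__":
    r = AccessRequest("dr_lee", "clinician", "ehr:write", remote=True, mfa_verified=False)
    print(decide(r))   # denied: remote without MFA
```

Every denial carries a reason string so the decision can be logged and audited alongside the identity that requested it.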

How can Rainbow Secure help  

Healthcare’s rapid transition to digital, where electronic medical records and online patient portals are the norm, has created new challenges in securing access to personal health data and clinical applications. This, combined with evolving compliance regulations such as HIPAA and DEA rules, is driving a need for technologies that strengthen security while enabling clinicians to readily access patient information and applications.

Rainbow Secure helps healthcare organizations meet these demands with our identity and authentication solutions. Our clinical workflow solutions give providers the tools they need to streamline access, increase clinician efficiency, and protect patient privacy. 

Meaningful Integrations into EMRs and other healthcare system apps 

Effective integration between software applications is essential in the healthcare industry and the battle toward complete interoperability. Rainbow Secure understands this essential need, which is why we make integration with other platforms a critical step when designing our solutions to deliver specialized support.  

  • Rainbow Secure offers industry-standard methods to integrate Windows and web-based applications (custom in-house and 3rd party cloud-based apps) — without long clumsy deployment cycles. 
  • Granting access to healthcare workers with multiple personas can be very tricky. Most healthcare organizations have personas like employees, community providers, hospices, volunteers, contractors, and external providers that all need different types of access. 
  • Role-based access, stress-free graphical identity and login security, and single sign-on across versatile apps (office, clinical, finance, HR, community care…) make Rainbow Secure the ideal choice.

Providers and nurses have many systems to log in to during the day. Rainbow Secure understands their unique needs and offers convenient ways for them to log in and re-verify without compromising security or patient data privacy. We have a solution:

Rainbow Secure Identity and Single Sign-on powered by Rainbow Secure Login Options for Healthcare 

Other Cutting Edge Solutions from Rainbow Secure 

Secure Workforce and Customer Login: Use the Authentication Plug-in by Rainbow Secure to secure workforce and customer logins. With this plug-in, you get a multi-dimensional password, passwordless login solutions with AI monitoring, risk analytics, and location fencing.

Meet Compliance Requirements: Use the Authentication Plug-in by Rainbow Secure with your business application and in SSO (Single Sign-on) to meet industry standards and compliance regulations such as NIST, ISO, FTC, SOX, SOC2, CMMC, CMMI, HIPAA, PCI, and others.

Securely Communicate and Collaborate: Use Secure Business Email by Rainbow Secure and get protection against account takeover, phishing, ransomware, and automated login cyber fraud. With this email, you get options to send encrypted emails, single sign-on with Office 365 and Google, and 1 TB of OneDrive storage.

Connect Business Applications: Get one unified login using Rainbow Secure Single Sign-On.

Manage User Onboarding / Offboarding using Rainbow Secure IAM.

Verify Users using Smart Multi-factor Authentication (MFA).

Do you have more questions about Compliance in Healthcare? Contact us today. Email us at Hello@rainbowsecure.com 
