Your medical records from personal doctors and hospitals are increasingly going electronic, both due to ease of accessibility for providers and the stimulus of $24 billion dollars in federal incentive money (thanks to the 2009 Health Information Technology for Economic and Clinical Health Act.) Now, serious worries are raised that this sensitive information's accessibility isn't being protected well enough from threats.
According to the Identify Theft Resource Center, over half of the 353 tracked breaches in 2014 were from the health sector. Criminal attacks on health data are on the rise, with the target information (such as a full health profile on a certain person) selling for $500 on the black market. This information can be used to steal an identity to gain care, or worse, commit blackmail with the sensitive material. A Ponemon report claimed 313,000 people were health-record heist victims in 2013, up 19 percent from the previous year.
Politico.com reports that security ratings firm BitSight has rated the health care industry as the least prepared for a cyber attack, thanks in part to their high volume of threats and slow response time. Also, about half of health systems surveyed in an annual review by the Health Information Management Systems Society indicated that they spent 3 percent or less of their IT budgets on security.
Even the Feds admit this is a weak system. The health industry “is not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely,” according to a warning released by the FBI.
Since 2009, more than 31.6 million individuals (a tenth of the United States) have had their medical records exposed through some form of malfeasance or outright theft, according to the U.S. Department of Health and Human Services.