Participants in the healthcare industry have seen a multi-front threat related to their information security practices/healthcare data – increased enforcement and fines by the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR); increased scrutiny from plaintiffs’ attorneys and State Attorneys General; and increased threats from malicious actors.

Recent reports underscore this reality. The 2022 SonicWall Cyber Threat Report notes that the healthcare industry faced a 755% increase in ransomware attacks in 2021. The FBI has also noted in their 2021 Internet Crime Report that the healthcare industry saw at least 148 Ransomware attacks in 2021. The FBI’s report emphasized that healthcare organizations have increasingly become the most targeted industry for ransomware attacks. This is chiefly accredited to the sensitive patient information they possess, and the general perception that they have weak security. Further, commenters have long noted that stolen health care data sells for a premium on the Dark Web.

COVID-19 further exacerbated the problem — to support a remote workforce, healthcare organizations and their business associates rushed to implement remote access solutions. In the haste, basic security practices were overlooked, and vulnerabilities were severely exploited. This rapid transition was an additional factor that has made healthcare one of the most targeted industries for ransomware attacks.

The post Alarming Rate of Ransomware Data Breaches Calls for Increased Protection in Healthcare Industry appeared first on Health Law Attorney Blog.