Health Care Data for Sale: Now What?

Jun 16, 2014
3 minutes

If you are responsible for network security, information security, compliance or security in general at a healthcare provider, join us on June 23 for an interactive online event on the topic of healthcare data protection, organized in partnership between Palo Alto Networks and the SANS Institute.

Screen Shot 2014-06-16 at 11.17.42 AM


For healthcare providers, there is no more time to wait on IT investments related to information and network security. Recent surveys and extensive research on cybercriminal targets paint the healthcare industry as needing serious catch-up with regard to security. Consider:

  • In April, the Federal Bureau of Investigation (FBI), in a private notice sent to healthcare providers, raised concerns about the sector lagging behind other industries in cybersecurity readiness. According to reports, the FBI notice stated: “The healthcare industry is not as resilient to cyber intrusions compared to the financial and retail sectors, therefore the possibility of increased cyber intrusions is likely”
  • Patient and healthcare data also appears to be a lot more valuable in the underground market than any other data, making the healthcare sector a prime target for cyber criminals. In the same April article, Reuters reported that “Cyber criminals were getting paid $20 for health insurance credentials compared with $1 to $2 for U.S. credit card numbers prior to the Target breach.”
  • Medical-related identity theft account for 43% of all identity thefts reported in the US in 2013. This is more than any other industry according to the Identity Theft Resource Center (ITRC) report.

In addition, government penalties for failing compliance audits have made regulatory compliance requirements far too costly to ignore in a sector whose costs are skyrocketing. Recently, two healthcare providers on the US East Coast were fined $4.8 million for HIPAA violations.

Bottom line: Healthcare providers must act now, get on a get better path for security and systematically reduce their risks without letting costs get out of control. We’ve published several posts on the topic, including how you can get started immediately without waiting for a master plan. In addition, our Application Visibility and Risk Report is a free assessment that can help you identify where your IT and network infrastructure might be most at risk and give insights in a week without any disruption to your current operations.

If you want to learn more about how to tackle current security challenges in healthcare, join us for an interactive webinar put together in partnership with the SANS Institute:

Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.