Most are unaware of the seriousness of medical data theft
Most remain unaware of their vulnerability to medical data theft, and the fact that it can be far more damaging than credit card or social security number compromise, according to Vormetric and Wakefield Research.
A recent Ponemon study found that about two-thirds of medical-record theft victims said they had paid an average of $13,500 to resolve the theft. Yet 89 percent of those polled by Vormetric did not include medical records in their top three selections for personal data they would be most concerned to have lost in a data breach.
The survey also found that Americans are still most concerned about the security of financial account information and social security numbers. The protection available from encryption was also not understood. 91 percent would still feel vulnerable if an encrypted file with their data was lost.
Other categories of sensitive information subject to data breaches that Americans are concerned about include:
- Personal contact information – 24 percent
- Social media usernames and passwords – 11 percent
- Home Wi-Fi or Internet login information – 10 percent
- Fingerprint information – 9 percent
- Work email correspondence – 4 percent
- Online dating account history – 3 percent.
With today’s advanced threats, organizations must prepare for the fact that their networks and IT resources will be penetrated by attackers. As evidenced by recent mega breaches, such as those of Sony, Ashley Madison, Anthem and OPM, hackers are clearly after more than “just the usual.”
With the FBI reporting that black market prices for PHI are 4x to 12X higher for medical records than for credit card data, people’s healthcare data is a primary target for hackers.
Encryption combined with strong access control is perhaps the most effective way to protect sensitive data given today’s threat environment. However, in spite of the high profile discussions of encryption technology in the media, the majority of Americans still seems uneducated about the benefits of encrypting sensitive account information. A surprising 91% of respondents would still be worried if their personal data was stored in an encrypted file that was stolen as a result of a hack.