Prior to 1992, the thought of cyberwar, cybersecurity and hacking was predominantly constrained to Hollywood fantasy. Fast-forward to present times, when connectivity is commonplace, and the level of data breaches and hacking has become horrifyingly real. The reality is that every day, our data is used or even copied, often without us knowing. As a generation that willfully inputs their information on multiple websites, we seem to concern ourselves less with the concept of cybersecurity until disaster strikes.
Trust Must Be Earned
In contrast to not fully considering the importance of cybersecurity, we greatly consider our trust in a company with our data, like our bank, our hospital, our insurance companies, our primary retailer or even the Department of Motor Vehicles (DMV). We're quick to assume that if they ask for our sensitive information, they must be taking security measures to prevent that data from being leaked into the wrong hands.
We can never be too sure that a company or even the whole industry is up to the cybersecurity standards that must be utilized in today's ever-changing digital world. Shockingly, one large industry that suffers financially from data breaches and hacking is the healthcare industry.
Generally, one would think that healthcare and all the sensitive data involved should be buttoned up pretty tightly, but it is quite the contrary. The overall cost of a healthcare breach is about $408 per patient record, not including the loss of business, productivity and reputation of the entity involved.
Annually, the healthcare industry sees $5 billion in costs to correct data breaches, hacking and all-around poor cybersecurity measures. In addition to the cost to find a solution to these errors, healthcare entities are being fined by the Department of Health and Human Services Office for Civil Rights, sometimes as much as $28 million annually.
Why So Costly?
The steepness of these fines is the result of a lack of preventative measures. The severity of a data breach in the healthcare industry is immense, where once the damage is done, it is essentially permanent. So, who is responsible once a patient's records have been breached, and what are the repercussions to this? Financial penalties are prevalent; however, what about breached trust? Is there permanent damage between the patient and the entity?
If a customer goes to a local store and the customer's data is stolen, the trust the customer had is almost instantly gone, like in Target's hacking issue, where customers ultimately boycotted shopping there as a result.
Now imagine going to your doctor about personal medical issues, only to be contacted later in the week about how all your personal information is in someone else's hands now. You would feel incredibly violated and likely wonder if even your doctor was the reason it got out.
Hacking a School
Hackers traditionally target industries with a lot of data and very little security. School districts are examples of this in recent years, the reason being the lack of funds and tight budgets they have to spend on internal cybersecurity.
In contrast, the healthcare industry has a much larger budget in all capacities, making it questionable as to why they seem to be behind the ball. How can a hospital better anticipate what's to come by realizing the Hard Trend of cyberattacks and pre-solve problems before they occur?
Finding a Solution in Anticipation
A cyber-risk assessment is an option, with many hospitals using a more cost-effective outside vendor to do the job. Preventing cybercrimes is a 24-hour-a-day venture with criminals pinging systems thousands of times a day, so it would greatly benefit healthcare entities to outsource this responsibility to a company with the capacity to monitor security around the clock.
As an entrepreneur, it is safe to assume that cyberattacks on sensitive data hubs in healthcare is a Hard Trend, with the cybersecurity market for healthcare being a burgeoning one with a greater purpose. But if cybersecurity is not your passion, cyber insurance is another option, where covered entities must conduct a thorough assessment of the threats and vulnerabilities, implement reduction measures, and ensure that any vendor or organization handling private health information is security compliant.
Both criminally savvy individuals and the rapid advancement of digital technology are Hard Trends; therefore, healthcare companies and outside entrepreneurs alike should pre-solve future problems before they become disastrous and use their anticipatory mindsets to help move the healthcare industry safely forward.
Daniel is the author of The Anticipatory Organization: Turn Disruption and Change into Opportunity and Advantage and Flash Foresight: How to See the Invisible and Do the Impossible. To order in bulk for your event, please visit Bulkbooks.com.