Research

Healthcare data breach costs hit a new record

scientist-working-laboratory-checking-drug-data-standing-front

The average total cost of firewalling data thefts increases from $9.23 million in 2021 to $10.10 million in 2022.

As cyber-attacks disrupt healthcare services, advanced protections and policies for healthcare systems with digital-to-mechanical interfaces have become essential, the New England Journal of Medicine (NEJM) reports in its latest issue.

According to federal reports cited by the journal, the American Hospital Association reported 36,241,815 hospitalizations in the country In 2021, and during the same year, 40,099,751 medical records were stolen.

The average total cost of a breach in healthcare data rose from $9.23 million in 2021  to $10.10 million in 2022, an increase of $0.87 million or 9.4 percent, reveals the Cost of a Data Breach Report, featuring research by the Ponemon Institute.

Another report titled: “The State of Ransomware in Healthcare 2022″ highlights a 94 percent increase in ransomware attacks on healthcare organizations in 2021. On the other hand, 66 percent of these organizations were affected in 2021 compared to 34 percent in 2020.

According to Sophos, a leader in next-generation cybersecurity, the good news is that healthcare organizations are getting better at dealing with the aftermath of ransomware attacks. Over 99 percent of the organizations got at least some of their data back after cybercriminals encrypted it during the attacks.

 “Every healthcare worker understands that red electrical sockets indicate emergency power that should always be available. But no such codification exists for essential software systems — an oversight that often results in trial-and-error approaches that can exacerbate the damage done by a cyberattack,” writes Eric Perakslis in the NEJM article. “Clinical and administrative staff must know in advance which systems are most likely to be compromised during a cyber event and which can be counted on.”

The article further reads that the potential exposure of healthcare infrastructure to cyberattacks presents a grave threat to clinical systems and to patient well-being.

“However, by educating and training clinical staff in cyber-incident response and preparing them to participate actively in countering a cyberattack, hospitals, clinics, and health systems will be able to actively mitigate and reduce the harmful effects of any acute cyber event,” Perakslis  adds.

Author