• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer

  • Opinion
  • Health IT
    • Behavioral Health
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Patient Engagement
    • Population Health Management
    • Revenue Cycle Management
    • Social Determinants of Health
  • Digital Health
    • AI
    • Blockchain
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • M&A
  • Value-based Care
    • Accountable Care (ACOs)
    • Medicare Advantage
  • Life Sciences
  • Research

4 Data Security Challenges for Healthcare Organizations in 2022

by Ankit Kumar Agarwal, Director - IT Delivery Services at NewWave Telecom & Technologies Inc. 12/22/2022 Leave a Comment

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print
4 Data Security Challenges for Healthcare Organizations in 2022
Ankit Kumar Agarwal, Director – IT Delivery Services at NewWave Telecom & Technologies Inc.

The healthcare industry has always been a prominent target for cybercriminals worldwide. They can access high-value patient PHI/PII data and use it maliciously to disrupt the patient’s treatment routine and bring down uptime, which is critical. It has repercussions on patients, doctors, hospitals, and everything associated with the healthcare ecosystem.

Data security is one of the most pressing challenges facing the healthcare industry today. Cybercrime’s recent surge has led many healthcare organizations to realize that they need better security. The industry now understands the need for data security, but many obstacles remain. Here are some of the most substantial of these challenges for the coming year.

The key challenges faced by the industry include Data Breaches, Ransomware, Extensive use of Mobile Applications without proper ways to perform Authentication and Authorization and Lack of Healthcare Data Interoperability. 

1. Data breaches

The average cost of the healthcare data breach was $9.6 million in 2021. So, it’s clear that data breaches are one of the biggest challenges for the healthcare vertical. The emphasis is to ensure that we implement proper processes and controls within the organization and limit people’s access only to the data that they needed to perform their day-to-day business operations and implement the latest cutting-edge technologies across our nations to prevent any further data breaches. In addition, Healthcare software providers and organizations must comply with HIPAA (Health Insurance Portability and Accountability Act). It helps them to protect their sensitive information. However, few of them follow it strictly, giving attackers access to the data.

Recent Data Breaches:

– November 2022: Ransomware Hacker Steals Medibank Data on 9.7m Customers

– September 2022: American Airlines Discloses Data Breach

– September 2022: U-Haul Discloses Data Breach Including Driver’s License Numbers

– July 2022: Hacker Posts Data on 5.4 Million Twitter Users For Sale

– July 2022: Marriott Confirms 20 GB Data Breach

– June 2022: Up to 2 Million Affected By Shields Health Care Group Breach

– June 2022: Flagstar Bank Notifies Customers of Breach Affecting 1.5m

– May 2022: Texas Department of Insurance Data Leak Comes to Light

– March 2022: Microsoft Breached by Lapsus$ Hacker Group

– March 2022: Lapsus$ Group Breaches Authentication Company Okta

– March 2022: Ronin Network Breached in $540 million Crypto Heist

2. Ransomware

Ransomware plagued healthcare organizations in 2020 and 2021, and 2022. As many as 34% of health care organizations experienced a ransomware attack in 2020, and 65% of those attacks were successful. Of those victims, more than a third paid the ransom, a trend that will encourage future attacks.

Health care data is valuable, so much so that these organizations can’t operate without it. As a result, cybercriminals are more likely to receive a substantial payout from a successful ransomware attack. Ransomware is a reality that medical organizations must plan for, likely for as long as they use digital data.

Recent Ransomware Attack Examples:

1. Nvidia: The world’s largest semiconductor chip company was compromised by a ransomware attack in February, 2022.

 2. Costa Rica Government: This has probably been the most spoken-of attack in 2022 as it’s the first time a country declared a national emergency in response to a cyber-attack. 

3. Bernalillo County, New Mexico: This was one of the first big attacks in 2022. On January 5, the largest county in New Mexico discovered that it had become the victim of a paralyzing ransomware attack, taking several county departments and government offices offline. 

4. Toyota: Between February and March 2022, three Toyota suppliers were hacked, showing us that no matter how secure your organization may be, a determined threat actor can and will find a way to break in.

3. Extensive Use of Mobile Applications without Predefined Authentication and Authorization

Another threat to healthcare data security in 2022 is the extensive use of mobile apps without defined Authentication and the Authorization methods. Telehealth adoption has skyrocketed, rising 50% in the first quarter of 2022 alone, and while this makes medical care more accessible, it also introduces risks. Sensitive medical data is now accessible through mobile devices that often lack extensive security.

Many of these risks exist on the patient’s side. Users who don’t understand the importance of security steps like multi-factor authentication and avoiding public Wi-Fi may make their own medical data vulnerable. App developers and organizations that use them must anticipate this behavior and secure these apps.

4. Lack of Interoperability

US Healthcare system is huge with various healthcare entities working in silos using various disparate systems with same data stored in different formats across various systems, which makes achieving healthcare interoperability a challenge to improve the member healthcare outcome and to reduce the healthcare waste. This sprawl will make it harder to understand a network’s vulnerabilities, placing this data at risk.

The industry is grappling with ways to implement HITRUST, NIST, SOC2 and HIPAA-defined controls to mitigate some of these security challenges and to implement FHIR Healthcare Interoperability Standards to encourage Healthcare data exchange across different Healthcare Stakeholders. In the coming blogs, we will be focusing on some of these areas and try to define a pathway for a Healthcare Organization to implement best practices to mitigate some of these challenges/risks.


About Ankit Kumar Agarwal

Ankit Kumar Agarwal is the Director of IT Delivery Services at NewWave Telecom & Technologies Inc., a full-service Information Technology (IT), Business Services, and Data Management company.

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

Tagged With: behavior, Cybercriminals, data management, FHIR, health insurance, Healthcare Data, Healthcare Data Breach, Healthcare Interoperability, HIPAA, HITRUST, interoperability, Microsoft, PHI, risk

Tap Native

Get in-depth healthcare technology analysis and commentary delivered straight to your email weekly

Reader Interactions

Primary Sidebar

Subscribe to HIT Consultant

Latest insightful articles delivered straight to your inbox weekly.

Submit a Tip or Pitch

Featured Insights

2025 EMR Software Pricing Guide

2025 EMR Software Pricing Guide

Featured Interview

Paradigm Shift in Diabetes Care with Studio Clinics: Q&A with Reach7 Founder Chun Yong

Most-Read

Medtronic to Separate Diabetes Business into New Standalone Company

Medtronic to Separate Diabetes Business into New Standalone Company

White House, IBM Partner to Fight COVID-19 Using Supercomputers

HHS Sets Pricing Targets for Trump’s EO on Most-Favored-Nation Drug Pricing

23andMe to Mine Genetic Data for Drug Discovery

Regeneron to Acquire Key 23andMe Assets for $256M, Pledges Continuity of Consumer Genome Services

CureIS Healthcare Sues Epic: Alleges Anti-Competitive Practices & Trade Secret Theft

The Evolving Role of Physician Advisors: Bridging the Gap Between Clinicians and Administrators

The Evolving Physician Advisor: From UM to Value-Based Care & AI

UnitedHealth Group Names Stephen Hemsley CEO as Andrew Witty Steps Down

UnitedHealth CEO Andrew Witty Steps Down, Stephen Hemsley Returns as CEO

Omada Health Files for IPO

Omada Health Files for IPO

Blue Cross Blue Shield of Massachusetts Launches "CloseKnit" Virtual-First Primary Care Option

Blue Cross Blue Shield of Massachusetts Launches “CloseKnit” Virtual-First Primary Care Option

Osteoboost Launches First FDA-Cleared Prescription Wearable Nationwide to Combat Low Bone Density

Osteoboost Launches First FDA-Cleared Prescription Wearable Nationwide to Combat Low Bone Density

2019 MedTech Breakthrough Award Category Winners Announced

MedTech Breakthrough Announces 2025 MedTech Breakthrough Award Winners

Secondary Sidebar

Footer

Company

  • About Us
  • Advertise with Us
  • Reprints and Permissions
  • Submit An Op-Ed
  • Contact
  • Subscribe

Editorial Coverage

  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Population Health Management
    • Revenue Cycle Management
  • Digital Health
    • Artificial Intelligence
    • Blockchain Tech
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • Value-Based Care
    • Accountable Care
    • Medicare Advantage

Connect

Subscribe to HIT Consultant Media

Latest insightful articles delivered straight to your inbox weekly

Copyright © 2025. HIT Consultant Media. All Rights Reserved. Privacy Policy |