• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to secondary sidebar
  • Skip to footer

  • Opinion
  • Health IT
    • Behavioral Health
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Patient Engagement
    • Population Health Management
    • Revenue Cycle Management
    • Social Determinants of Health
  • Digital Health
    • AI
    • Blockchain
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • M&A
  • Value-based Care
    • Accountable Care (ACOs)
    • Medicare Advantage
  • Life Sciences
  • Research

4 Data Security Challenges for Healthcare Organizations in 2022

by Ankit Kumar Agarwal, Director - IT Delivery Services at NewWave Telecom & Technologies Inc. 12/22/2022 Leave a Comment

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print
4 Data Security Challenges for Healthcare Organizations in 2022
Ankit Kumar Agarwal, Director – IT Delivery Services at NewWave Telecom & Technologies Inc.

The healthcare industry has always been a prominent target for cybercriminals worldwide. They can access high-value patient PHI/PII data and use it maliciously to disrupt the patient’s treatment routine and bring down uptime, which is critical. It has repercussions on patients, doctors, hospitals, and everything associated with the healthcare ecosystem.

Data security is one of the most pressing challenges facing the healthcare industry today. Cybercrime’s recent surge has led many healthcare organizations to realize that they need better security. The industry now understands the need for data security, but many obstacles remain. Here are some of the most substantial of these challenges for the coming year.

The key challenges faced by the industry include Data Breaches, Ransomware, Extensive use of Mobile Applications without proper ways to perform Authentication and Authorization and Lack of Healthcare Data Interoperability. 

1. Data breaches

The average cost of the healthcare data breach was $9.6 million in 2021. So, it’s clear that data breaches are one of the biggest challenges for the healthcare vertical. The emphasis is to ensure that we implement proper processes and controls within the organization and limit people’s access only to the data that they needed to perform their day-to-day business operations and implement the latest cutting-edge technologies across our nations to prevent any further data breaches. In addition, Healthcare software providers and organizations must comply with HIPAA (Health Insurance Portability and Accountability Act). It helps them to protect their sensitive information. However, few of them follow it strictly, giving attackers access to the data.

Recent Data Breaches:

– November 2022: Ransomware Hacker Steals Medibank Data on 9.7m Customers

– September 2022: American Airlines Discloses Data Breach

– September 2022: U-Haul Discloses Data Breach Including Driver’s License Numbers

– July 2022: Hacker Posts Data on 5.4 Million Twitter Users For Sale

– July 2022: Marriott Confirms 20 GB Data Breach

– June 2022: Up to 2 Million Affected By Shields Health Care Group Breach

– June 2022: Flagstar Bank Notifies Customers of Breach Affecting 1.5m

– May 2022: Texas Department of Insurance Data Leak Comes to Light

– March 2022: Microsoft Breached by Lapsus$ Hacker Group

– March 2022: Lapsus$ Group Breaches Authentication Company Okta

– March 2022: Ronin Network Breached in $540 million Crypto Heist

2. Ransomware

Ransomware plagued healthcare organizations in 2020 and 2021, and 2022. As many as 34% of health care organizations experienced a ransomware attack in 2020, and 65% of those attacks were successful. Of those victims, more than a third paid the ransom, a trend that will encourage future attacks.

Health care data is valuable, so much so that these organizations can’t operate without it. As a result, cybercriminals are more likely to receive a substantial payout from a successful ransomware attack. Ransomware is a reality that medical organizations must plan for, likely for as long as they use digital data.

Recent Ransomware Attack Examples:

1. Nvidia: The world’s largest semiconductor chip company was compromised by a ransomware attack in February, 2022.

 2. Costa Rica Government: This has probably been the most spoken-of attack in 2022 as it’s the first time a country declared a national emergency in response to a cyber-attack. 

3. Bernalillo County, New Mexico: This was one of the first big attacks in 2022. On January 5, the largest county in New Mexico discovered that it had become the victim of a paralyzing ransomware attack, taking several county departments and government offices offline. 

4. Toyota: Between February and March 2022, three Toyota suppliers were hacked, showing us that no matter how secure your organization may be, a determined threat actor can and will find a way to break in.

3. Extensive Use of Mobile Applications without Predefined Authentication and Authorization

Another threat to healthcare data security in 2022 is the extensive use of mobile apps without defined Authentication and the Authorization methods. Telehealth adoption has skyrocketed, rising 50% in the first quarter of 2022 alone, and while this makes medical care more accessible, it also introduces risks. Sensitive medical data is now accessible through mobile devices that often lack extensive security.

Many of these risks exist on the patient’s side. Users who don’t understand the importance of security steps like multi-factor authentication and avoiding public Wi-Fi may make their own medical data vulnerable. App developers and organizations that use them must anticipate this behavior and secure these apps.

4. Lack of Interoperability

US Healthcare system is huge with various healthcare entities working in silos using various disparate systems with same data stored in different formats across various systems, which makes achieving healthcare interoperability a challenge to improve the member healthcare outcome and to reduce the healthcare waste. This sprawl will make it harder to understand a network’s vulnerabilities, placing this data at risk.

The industry is grappling with ways to implement HITRUST, NIST, SOC2 and HIPAA-defined controls to mitigate some of these security challenges and to implement FHIR Healthcare Interoperability Standards to encourage Healthcare data exchange across different Healthcare Stakeholders. In the coming blogs, we will be focusing on some of these areas and try to define a pathway for a Healthcare Organization to implement best practices to mitigate some of these challenges/risks.


About Ankit Kumar Agarwal

Ankit Kumar Agarwal is the Director of IT Delivery Services at NewWave Telecom & Technologies Inc., a full-service Information Technology (IT), Business Services, and Data Management company.

  • LinkedIn
  • Twitter
  • Facebook
  • Email
  • Print

Tagged With: behavior, Cybercriminals, data management, FHIR, health insurance, Healthcare Data, Healthcare Data Breach, Healthcare Interoperability, HIPAA, HITRUST, interoperability, Microsoft, PHI, risk

Tap Native

Get in-depth healthcare technology analysis and commentary delivered straight to your email weekly

Reader Interactions

Primary Sidebar

Subscribe to HIT Consultant

Latest insightful articles delivered straight to your inbox weekly.

Submit a Tip or Pitch

Featured Insights

2025 EMR Software Pricing Guide

2025 EMR Software Pricing Guide

Featured Interview

Kinetik CEO Sufian Chowdhury on Fighting NEMT Fraud & Waste

Most-Read

2019 MedTech Breakthrough Award Category Winners Announced

MedTech Breakthrough Announces 2025 MedTech Breakthrough Award Winners

WeightWatchers Files for Bankruptcy to Eliminate $1.15B in Debt

WeightWatchers Files for Bankruptcy to Eliminate $1.15B in Debt

KLAS: Epic Dominates 2024 EHR Market Share Amid Focus on Vendor Partnership; Oracle Health Sees Losses Despite Tech Advances

KLAS: Epic Dominates 2024 EHR Market Share Amid Focus on Vendor Partnership; Oracle Health Sees Losses Despite Tech Advances

'Cranky Index' Reveals EHR Alert Frustration Peaks Midweek, Highest Among Admin Staff

‘Cranky Index’ Reveals EHR Alert Frustration Peaks Midweek, Highest Among Admin Staff

Madison Dearborn Partners to Acquire Significant Stake in NextGen Healthcare

Madison Dearborn Partners to Acquire Significant Stake in NextGen Healthcare

Wandercraft Begins Clinical Trials for Physical AI-Powered Personal Exoskeleton

Wandercraft Begins Clinical Trials for Physical AI-Powered Personal Exoskeleton

Chipiron Secures $17M to Transform MRI Access with Portable Scanner

Chipiron Secures $17M to Transform MRI Access with Portable Scanner

Abbott to Integrate FreeStyle Libre Glucose Data with Epic EHR

Abbott to Integrate FreeStyle Libre Glucose Data with Epic EHR

5 Ways New Trump Administration Tariffs Are Impacting U.S. Healthcare Now

5 Ways Trump Administration Tariffs Are Impacting U.S. Healthcare Now

iCAD, GE HealthCare Integrate to Advance Breast Cancer Detection with AI

RadNet to Acquire iCAD for $103M in All-Stock Transaction

Secondary Sidebar

Footer

Company

  • About Us
  • Advertise with Us
  • Reprints and Permissions
  • Submit An Op-Ed
  • Contact
  • Subscribe

Editorial Coverage

  • Opinion
  • Health IT
    • Care Coordination
    • EMR/EHR
    • Interoperability
    • Population Health Management
    • Revenue Cycle Management
  • Digital Health
    • Artificial Intelligence
    • Blockchain Tech
    • Precision Medicine
    • Telehealth
    • Wearables
  • Startups
  • Value-Based Care
    • Accountable Care
    • Medicare Advantage

Connect

Subscribe to HIT Consultant Media

Latest insightful articles delivered straight to your inbox weekly

Copyright © 2025. HIT Consultant Media. All Rights Reserved. Privacy Policy |