What are the Biggest Data Security Risks in the Healthcare Industry?

Padlock and keyhole in a printed circuit. Digital illustration.Written By Lucy Peters

The current global health crisis is doing more than wreaking physical havoc; it is also affecting data security, exposing potentially sensitive patient data and putting the efficient functioning of healthcare organizations at risk. In some parts of the world, there has been a 150% increase in cyber attacks in recent months, with the stress of the pandemic causing many organizations to lose sight of cyber security at a time in which it is most under threat from new advancements in AI and other technologies that make attacks swifter and wider in scope. What are the main threats to data security in the healthcare sector and what steps can be taken to reduce them?

Phishing Attacks

Prior to the COVID-19 outbreak, many organizations – including the Oregon Department of Human (ODHS) Services – fell prey to phishing attacks. Indeed, the latter suffered a breach affecting some 645,000 patients, compromising over two million emails after just nine employees responded to a phishing email. In order to counter this threat, organizations need to rely on technology such as multi-factor authentication to prevent malicious emails from making it to employees’ inboxes. Employee training is equally important in preventing cyber attacks; in some organizations, simulated phishing software is being used to train and test employees’ abilities to respond to such a threat. Investing in training is a highly efficient way to combat a problem that is costing companies hundreds of billions of dollars every year.

Insider Breaches

Research by Egress has found that about 63% of healthcare data breaches are caused by human error, while around 20% are caused by sending information to the wrong recipient. The famous UW Medicine breach (which exposed the data of around 947,000 patients) was caused by a misconfigured server that made private documents accessible to the public. Healthcare organizations should set up identity access management rules to be followed strictly by staff. They should also implement controls covering the printing of sensitive documents. New content aware print management tech tracks information on who printed a document, where it was printed, and the contents of a document. This can boost compliance and minimize security breaches.

Cloud Security

Research by MarketsandMarkets indicates that the cloud model is increasingly appealing for healthcare decision makers, as most organizations need solutions to deal with an exponential growth of patient data. The benefits of the cloud are indubitable, yet alongside them comes a host of new threats — including malware and ransom attacks. Solutions to the problem include performing regular backups (these should be stored offline or in a separate network from the main one), encryption, and the conduction of a full cyber risk assessment on all third party vendors and contractors.

The healthcare industry is increasingly relying on digital sources for the storing of sensitive data. Some of the main threats it faces include phishing, insider breaches, and cloud security issues. These can be tackled both through education of personnel and through the adoption of effective solutions such as efficient IT management services, a regular backup system, encryption, and the reliance on a professional IT team that is on the beat when it comes to new developments in cybersecurity threats – including AI-based threats.




Please also review AIHCP’s Case Management program and see if it matches your academic and professional goals.  The program in online and independent study and open to qualified professionals seeking a Case Management Program

Case Management Certification Article on HCAHPS Scores

Secure Your Score: A Few Tips to Improve Your Practice’s HCAHPS Score

Please also review our Case Management Certification
Please also review our Case Management Certification

Something healthcare practitioners should give a lot of attention to is the HCAHPS. This acronym stands for Hospital Consumer Assessment of Healthcare Providers and Systems. This is a survey that is filled out by patients to indicate their satisfaction or lack thereof with the services rendered at a medical facility. You can think of HCAHPS as a performance review performed by actual patients.

Hcahps is required by CMS, the Centers for Medicare and Medicaid Services. It is used for all hospitals in the United States. It is performed over the phone after a patient is discharged. The results of these surveys become part of the public record and are used by the government to determine reimbursement for that facility. It’s extremely important to receive good scores on this survey. Below are a few tips you can use to improve your practice’s HCAHPS scores.

Make Your Team Cognizant of HCAHPS

Obtaining high scores on HCAHPS requires good communication among all the staff members of a medical facility. It must be communicated to nurses, doctors and other staff members that HCAHPS is a strong priority. They must be made aware of the scores that have been received. There should be an open dialogue on how to improve scores and ways different staff members can do their part to improve the patient experience. Consider having staff meetings about HCAHPS specifically especially if low scores are an issue.

Treat Patients with Respect and Courtesy

Low HCAHPS scores may be an indication that patients believe they are not being treated with the right amount of respect and courtesy by nurses, doctors and others that work in a medical facility. The first question on the survey in fact regards the courtesy shown to a patient by nurses. Lack of respect and courtesy as perceived by the patient can throw off the entire score.

Sometimes, there may be a difference in perceptions regarding an interaction between a healthcare professional and a patient. Just because the healthcare professional believes the interaction went well does not mean the patient feels the same way. In this case, some additional training may be required. The patient should be properly greeted, and the healthcare professional should maintain eye contact with that patient. Having a friendly demeanor and making small talk can also go a long way with helping to improve patient satisfaction.

Listen to Patients

Another important question on the HCAHPS survey regards whether or not a patient was listened to properly. Listening is an important part of the healthcare process. It is one of the ways healthcare professionals like nurses and doctors gather evidence to help make informed decisions regarding patient care. Patients may be experiencing specific symptoms that they find very worrying. If a healthcare professional does not properly listen to what patients have to say and instead interrupts or ignores them, this can be very distressing.

Communicate Clearly with Patients

Listening is only part of proper communication with patients. You also need to be able to explain medical conditions, care plans, tests, prescriptions, etc. In a way that the patient understands. Whether or not this communication was clear enough is also something that is scored on the HCAHPS. Try to avoid technical medical jargon and explain things in ways that individual patients can comprehend. Don’t be afraid to use tools to help educate patients either. A DVD with animations that demonstrate how a certain medical procedure is performed can be an effective teaching tool.

Overall, HCAHPS is important. If you don’t receive good scores, you have an issue that must be immediately addressed. Improving HCAHPS scores isn’t only important because it’s used as a measuring tool by CMS. If you want to be a good healthcare practitioner, patients should feel satisfied with the care they receive in your facility.


Please also review our Case Management Certification