When customer payment info is compromised at Target, for example, it’s an inconvenience and a PR scandal; but what happens when the cyber-attack is targeted against a hospital or other healthcare provider? The resulting confusion can actually be deadly. Health care payment processing needs to take note.
This line of reasoning comes on the heels of a report about data breaches and their effect on patient health outcomes. The number-crunching in the report covers a breadth of 3,000 Medicare-certified hospitals. About 10 percent of them had experienced a data breach. The study, based on a PBS report, found a correlation between institutions that experienced data breaches and an uptick in fatalities: 36 additional deaths per 10,000. Perhaps just as troubling is the fact that health care data breaches are on the rise, up 20 percent in 2019 from just last year.
It should be noted that the above data breaches were mostly of medical records which, compared to the richness of data, have a higher “street value” to hackers than payment info, for example. In general, though, it underscores the importance of proper security protocol at every step of the game. With the important processes that are taking place at health facilities, inefficiencies can have a greater cost. While the additional deaths that were mentioned above were suggested to be due to complications & additional delays caused by “remediation activities” that came about from the medical record complications, it’s also important to realize that it’s not easy to separate some aspects of a provider’s operations as more important to guard against cyber-attacks; all facets need to be guarded in order to ensure the safety of patient info, and also the quality of patient outcomes.
Another example we can point to comes from the UK, where the “Wannacry” virus temporarily incapacitated certain aspects of the healthcare system, resulting in the cancellation of some 19,000 appointments, which is especially alarming because it included potentially urgent surgical operations which would have had to been rescheduled. It’s a sobering example of how important it is for health care providers to take the topic of cybersecurity seriously.
When it comes to data security, whether for health care payment processing or record keeping, it’s clear that the stakes are higher when medical service is involved. For our part, Moolah partners with payment gateway Authorize.Net to keep patient payment info safe and secure. This includes help with becoming PCI compliant. Additionally, much of the strategies for keeping your business safe and compliant for the payment card industry will have the additional benefits of tightening your data security across the board; things like tips on network security. With the help of Moolah and Authorize.Net, you can guard your interests, your reputation, and the health outcomes of your patients.