Health care provider Community Health Services, based in Franklin, Tennessee, announced this week that the data of 4.5 million of its patients was stolen earlier this year in a hacker attack that is believed to have originated in China and may be linked to the Heartbleed security bug.
The stolen information includes names, addresses and telephone and social security numbers, but not medical records or credit card numbers. CHS said the OpenSSL breach has now been closed and its security measures improved.
Cyber attacks against health care-related targets are becoming increasingly common, according to a blog on the online edition of The Washington Post, which states that major breaches have now affected nearly 35 million patients nationwide and cost the industry some $5.6 billion per year.
Those numbers reveal that the health care sector is vulnerable to attacks, in part because of its own failure to see such issues coming. One health network CIO admitted to The Wall Street Journal that "we've not been on the front line as long as defense or finance," but he added that a major shift is already underway.
More providers are now working on the long overdue job of beefing up their security systems, a task for which IT consulting firms are ideally suited. A professional IT consultant can provide essential expertise to keep up with hackers, a vital task for any organization that works online, but especially for health care companies, which are responsible for protecting not only their own information but also that of millions of patients, whose medical and financial data is extremely sensitive. Because of this, health providers have a duty as much as a need to ensure that their security measures are in the capable hands of professionals.
