Health Care Breach Affects 4.5 Million Americans
The relentless assault by hackers on the cyber systems of the nation continues to escalate as news comes of yet another cyber breach that will affect millions of Americans. According to just-released information, Community Health Systems, which runs over 200 hospitals mainly across the south and western portions of the nation, had their cyber system breached, and as many as 4.5 million patient records were stolen. According to the organization the breach occurred in April or May of this year. Medical data was not stolen, but personal information such as social security numbers, home addresses, and birth dates were taken by the hackers.
This latest breach highlights two important areas. First, the Health Insurance Portability and Accountability Act aka HIPAA, directly applies to the breach. According to the law, hospital records should have been secured by the hospital with due diligence. If a failure of security is due to negligence, or lax security, then the affected patients, and the government, have grounds to sue the organization. Community Health Systems revealed that it has cyber insurance, but its stock dropped in early trading today. The second issue is that once again a nation state appears to be implicated in the breach. According to preliminary reports, investigators from the security firm Mandiant have pointed a finger of blame at that portion of the world. The breach is under ongoing investigation and government agencies including the FBI are looking into the matter.
Cyber criminals, hackers, terrorists, and nation states with malicious intent continue to breach our digital systems seeking sensitive information that can be leveraged for financial gain, among other things. Congress recently acted to pass the National Cybersecurity and Critical Infrastructure Protection Act, but it appears evident that much more needs to be done to forestall this ongoing and ever escalating assault on our digital information. Insurance can pay for some of the damages done due to a breach, but it does nothing to alleviate ongoing fears that more intense breaches may be around the corner that will affect us all in a dramatic manner.