The foundation of healthcare organizations is based upon the trust of their patients. In good faith, patients disclose their most private information knowing that it will be treated confidentially and kept safe. However, as technology in the healthcare industry advances and digitizes, the healthcare industry faces increased risk of cyber breaches resulting in the large-scale compromise of patients' protected health information. 

In addition, the concern that healthcare institutions have become a target for cybercriminals is substantiated by the prevailing data breach involving Baltimore Medical Systems, demonstrating that cybercriminals are viewing healthcare institutions as desirable targets. Health Information Management (HIM) databases contain one-of-a-kind data sets comprised of three distinct types of data - personal, financial, and medical- which store extremely high-value transactions therefore; HIM databases are targeted for theft.

Historically, medical records have contained the most sensitive type of data. Medical records contain the following types of personal information: full name; date of birth; social security number; health insurance information; and detailed treatment history. If a medical record is compromised, the data could be utilized for identity theft; filing false or fraudulent medical claims; or committing health insurance fraud (e.g., Attaining Medical Care Through Careful Study Of Compensation Strategies). The victim may be unaware that his/her health records were compromised until long after the fact.

One of the biggest problems that healthcare cybersecurity faces today is the complexity of its systems; hospitals and other medical facilities rely on both modern digital systems as well as on older, legacy systems, many of which do not currently have up-to-date security protocols installed. Having both of these types of systems creates potential points of entry for unauthorized access by cybercriminals. The combination of complex system structures with the human element (e.g. phishing attacks, poor password management) creates an enormous attack surface that may leave security teams vulnerable to cybercriminal activity.

An example of this scenario in action has occurred with the Baltimore Medical System experience with a significant data breach that points towards delayed detection as an issue related to cyber incidents; usually when a cybercriminal gains access to an organization’s systems they can remain undetected for several days or even weeks, allowing them ample opportunity to extract large amounts of sensitive information prior to being detected. The risk associated with delayed detection is heightened by the fact that the longer a cybercriminal remains undetected, the greater their potential impact will be on the affected organization and by delaying the detection period everything that could have been done to investigate/remediate has become much more difficult to accomplish.

Another contributing factor to the elevated level of risk associated with cybercriminal activity in the healthcare industry is the interconnectivity of all types of healthcare service delivery; as information related to patients moves throughout the various healthcare facilities, laboratory services, insurance companies, and networked service vendors providing services (e.g. telemedicine), each time a new network connection is created an additional layer of vulnerability is created making it exponentially more difficult to maintain consistent security controls across all connected systems.

Healthcare organisation should be proactive about cybersecurity by conducting regular technology audits , training staff , implementing encryption and deploying advanced threat detection techniques. Investing in cybersecurity should be viewed as integral to maintaining the trust of patients and supporting ongoing operations .

As the healthcare industry evolves , so will its methodologies for protecting data. The Baltimore Medical System data breach exemplifies the need for constant vigilance in protecting patient data . Institutions that are not adequately secured are susceptible to cyber threats at a large scale .