As the financial services industry narrows its gaze on cybersecurity and starts to strengthen its defenses, hackers are starting to turn to an easier target. Despite a recent climb in data breaches at retailers and ecommerce vendors, the industry being hit the hardest this past year has been healthcare.
According to the Ponemon Institute’s 2017 Cost of Data Breach Study, the healthcare significantly surpassed every other industry in terms of per capita cost at $380 globally. This shows growth over the industry’s four-year average of $369 and is significantly higher than the next targeted industry, financial services ($245). Furthermore, this per capita cost is more than double the overall mean value of $141, across all 17 industries examined.
Why Healthcare Data Breaches?
In order to understand this shifting focus, we have to look at the reasoning and drive behind it. Next to financial services, healthcare has the highest volume of sensitive private data – some might argue it even has more.
Identity theft and fraud in the financial industry allows hackers to steal money, siphon funds, and open loans and credit cards in the victim’s name. But in healthcare, they can steal highly personal information, including health data, to sell, use for blackmail, or commit insurance fraud. Furthermore, this usually also provides them with the same information needed to commit financial fraud, opening up a variety of options for the exploitation of private data.
This is why if you look at the top data breaches over the past year, or even five years, you’ll see a number of healthcare or health insurance providers on the list. Anthem is just the most recent target, with the recent breach that compromised the records of more than 18,000 Medicare members, and a much larger breach in 2015 that left over 78 million records exposed.
Leveraging Biometric Security
In order to protect highly sensitive data, you need to change how you approach security. Biometric authentication can provide a higher degree of security because it requires a physical identifier – fingerprint, voice, face, or iris – to access data. For the healthcare industry, there are a variety of ways that biometric security can be leveraged to protect patients and reduce the risk of data breaches.
Insurance providers can use biometric authentication to verify the identity of policyholders to halt insurance fraud. Hospitals can use biometrics to rapidly identify patients in emergency situations or to confirm identity for prescriptions. And medical staff can use their biometrics as a replacement to passwords, or security badges to access patient records. Even further, hospitals could amend any biometric security solution to include physical access controls as well, leveraging stronger authentication for secure facilities such as pharmaceutical lockups or other rooms that require increased security.
Ultimately, biometrics-based multi-factor authentication is an essential piece of the future of security. For the healthcare industry, it could be the shot in the arm needed to overcome the growing threat of data breaches.