Intel has teamed up with over 40 solution providers to create the Healthcare Security Readiness Program, aimed at helping to prevent breaches, including cybercrime hacking and ransomware. Nearly 90 percent of health care organizations – often seen as vulnerable targets lagging in security compared with peers in other industries, such as financial services – have experienced a breach in the past two years.1
Intel will share more about the program and results at the Healthcare Information and Management Systems Society (HIMSS) 2017 event from 12 to 1 p.m. EST Monday, Feb. 20. Intel and multiple industry partners will also run an interactive group security readiness workshop and information sharing session at HIMSS 2017 from 2-5 p.m. EST Wednesday, Feb. 22.
Press Kit: Advancing Data-Driven Health Care Solution
Through its collaborations, the Intel program is already addressing the security capabilities of more than 60 health care organizations across nine countries, shining light on priorities across eight types of breaches and ransomware along with strengths, weaknesses and opportunities across 42 security capabilities.
According to the FBI, ransomware is expected to become a $1 billion a year crime in 2016, up 6,000 percent from just $24 million in 2015.2 The average total cost of a breach is now $4 million2, with health care leading all industries in terms of per capita impact at $355 per patient record breached. Ransomware, software that blocks access to data in exchange for payment, has severely disrupted health care with some infections causing health care organizations to shut down and send some of their patients elsewhere.3
To help health care organizations understand where they stand in terms of security and how they measure relative to their peers and the industry, the Healthcare Security Readiness Program provides one-hour complimentary and confidential workshops. In addition to assessing maturity, priorities and capabilities, health care organizations also learn through this engagement how their security capabilities relate to HIPAA, NIST, PCI DSS, ISO2700x, CIS, and GDPR requirements.
"Ransomware is the highest priority type of breach, and health care organizations show a wide spread in readiness from having as little as only 17 percent of the relevant security capabilities to having up to 85 percent," said Jennifer Esposito, general manager of Global Health and Life Sciences at Intel Corporation. "The average readiness for ransomware across health care is only 58 percent revealing that there is much room for improvement in security capabilities to mitigate risk."
The program's findings show that even foundational capabilities such as Security Incident Response Plans are severely lacking, with only a 58 percent average level of implementation across health care.
Health care organizations can supplement existing regulatory, data protection law and standards compliance activities with this valuable additional security readiness input to better inform future security decisions, reduce risk of breaches and ransomware, and pave the way for improved patient care. Learn more about this program and view a sample report at Intel.com/BreachSecurity or contact BreachSecurity@Intel.com for further information.
1 Ponemon Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data
2 Ransomware: Now a Billion Dollar a Year Crime and Growing
3 Ransomware takes Hollywood hospital offline, $3.6M demanded by attackers