Are Cyber Attackers Accessing Your Medical Records?
The healthcare sector is becoming more and more vulnerable to cyber attacks and the New Jersey Office of Homeland Security and Preparedness is fully aware of that fact.
The office is the parent agency to the New Jersey Cybersecurity and Communications Integration Cell. A partnership was announced Tuesday between the NJCCIC and the National Healthcare Information Sharing and Analysis Center to enhance cybersecurity information sharing on behalf of the state’s healthcare providers.
“In 2015, about two-thirds of all breached records in the United State linked directly to the health care sector,” said Dr. Chris Rodriguez, OHSP director.
Most health care records are digitized these days, Rodriguez said. The information in those records is very attractive to cyber attackers because it’s far more than they could glean from a debit or credit cards swipe.
“There’s a lot of personally identifiable information in health records that are becoming increasingly vulnerable to these types of attacks. You have your social security number, you have your full name, your address, your complete medical history, names of spouses, children and all of this information, if someone is able to steal it, they can use for nefarious purposes,” Rodriguez said.
The NJCCIC and NH-ISAC will exchange cyber threat indicators in an automated way to promote shared situational awareness of the tools and tactic cyber attackers may be using as it relates to the healthcare sector. Under the agreement there are mandates for strict data handling, classification, and disclosure protocols to protect everyone’s confidentiality.
“We must constantly battle to stay ahead of our adversaries. I’m very excited to have this partnership,” said Denise Anderson, President of the NH-ISAC and the Chair of the National Council of ISACs.
As New Jersey’s one-stop-shop for cybersecurity resources, the NJCCIC serves governments, businesses, and citizens across the state by promoting better awareness of cyber threats and the adoption of best practices.