We’ve already learned the definition of encryption in this 4-part blog series, and now we’ll take a look at how the healthcare industry uses encryption to guard electronic protected health information (ePHI).
How Healthcare Providers Use Encryption to Protect ePHI
Cyber criminals are targeting the $3.3 trillion U.S. healthcare industry because much of the information contained in a medical record is permanent and, unlike a credit card number, can’t easily be replaced. Prescription and health records are permanent, social security numbers are difficult to reissue, records can be used for insurance fraud, and fake IDs are created to purchase medical equipment and prescription drugs for resale.
End-to-end encryption (E2EE) is used for all electronic medical records (EMRs), and any hardware or software connected to EMRs also uses E2EE. Healthcare provider computers typically have encryption software pre-installed on each machine, clinical communication devices need to use encrypted software, and even healthcare-related mobile apps used by hospital staff are encrypted.
Failure to adequately safeguard patient information has plagued the healthcare industry for the past few years. According to a recent whitepaper from Protenus, a healthcare IT company specializing in protecting patient health data, breaches in the U.S. healthcare field cost $6.2 billion annually. The average HIPAA settlement fine is approximately $1.1 million and is increasing.