Data breaches have emerged as a key issue in the healthcare industry, where businesses have spent large amounts of money and resources on improving how information is protected.
Cyber attacks have made the news several times in recent years, but the issue is particularly prevalent in the healthcare sector.
Research from Verizon shows that 18 out of the 20 industries it examined have been impacted by stolen medical information, even though many organisations outside of healthcare are not aware they even carry such data. The findings highlight that information such as employee records and data for wellness programs are generally vulnerable to hackers.
The company's 2015 Protected Health Information Data Breach Report suggests that people are holding back important information from their healthcare providers because they are worried about the potential of a cyber attack.
Suzanne Widup, senior analyst and lead author for the Verizon Enterprise Solutions report, said: "Many organisations are not doing enough to protect this highly sensitive and confidential data.
"This can lead to significant consequences impacting an individual and their family and increasing healthcare costs for governments, organisations and individuals. Protected health information is highly coveted by today's cybercriminals."
Ms Widup explained that healthcare organisations must be able to realise that patients trust them with their data and could suffer huge implications if the trust is broken.
After all, as well as losing customers, businesses can sustain significant reputational damage if personal information is stolen, along with potential fines from regulators such as the Information Commissioner’s Office (ICO).
One factor that may increasingly affect healthcare data protection plans is the Internet of Things (IoT), which has emerged as one of the leading technologies in the market - with everything from complex medical devices to personal fitness trackers now collecting and sharing data.
The emerging popularity of the IoT has sparked concerns regarding online security, with the ISACA's IT Risk/Reward Barometer showing that 73 per cent of IT professionals believe it is likely that a company will be attacked through a connected device, whereas 72 per cent do not believe satisfactory security measures are introduced in IoT devices.
It is also clear that customers want businesses to have the qualifications required to handle data, with 89 per cent of respondents suggesting that data security professionals should hold a cybersecurity certificate if they work at an organisation that has access to a consumer’s personal data.
Matt Leob, chief executive officer of ISACA, told the Wall Street Journal that businesses should educate and raise awareness of the IoT across its board of directors and understand how it affects risk management processes.
As well as this, he advised businesses to ensure workplace devices are updated regularly with efficient security upgrades while guaranteeing that they are wirelessly connected through the workplace guest network instead of an internal one.
The threat of cyber attacks is real and here to stay and companies need to ensure that they prepare their staff properly.
Even if organisations have to spend money to train their staff, this investment will save a large amount of money in the long run if staff are able to prevent information from falling into the wrong hands.
As well as this, companies need to be aware of common mistakes that can be made by employees, such as leaving USB sticks unattended and opening suspicious emails.