HIPPA’s HITECH Act and the Omnibus rule were enacted to prevent data breaches in healthcare; however, healthcare data breaches are on the rise.
Since its enactment in 1996, several provisions have been incorporated into the original Health Information Profitability and Accountability Act (HIPAA), one of which is the Health Information Technology for Economic and Clinical Health Act (HITECH): In 2009, The U.S. Department of Health and Human Services (HHS) enacted the American Recovery and Reinvestment Act, which includes the HITECH Act. On March 26,2013, HHS enacted a final Omnibus rule to implement several provisions of the HITECH Act. These provisions aim to strengthen the confidentiality …show more content…
The attackers may sell this information online or use the information themselves.
Know Your Enemies 2.0, a Feb. 2016 Report
A Feb. 2016 report from the Institute for Critical Infrastructure Technology states that currently, healthcare providers are the main target for cyber attackers. Providers are vulnerable because they focus on saving lives: Healthcare payers concentrate on processing transactions to ensure that patients remain well and healthcare providers can continue treating patients. Cyber attackers view this dedication as a weakness. Moreover, if a hacker attains a patient’s record and adds false information to it, the risk of a medical complication increases.
Categorizing Cyber Attackers
Cyber attackers are categorized according to who they target, what tactics they use and which techniques they employ.
1. The Hacktivist
A hacktivist is politically-motivated and targets institutions that have opposing political beliefs. Generally, a hacktivist attacks using a denial of service method. This technique overloads the server until it finally crashes. When a hacktivist targets a healthcare provider, he or she is looking to attain specific information about intellectual property, patient data or to embarrass the