Data or security breach is a major security concern in healthcare industry. Research shows that in the year 2013, the healthcare industry experienced about 43% of data breach incidents as compared to only 3.7% in financial services (Shin, 2014). Data breach at healthcare industry causes problem to many thousands people.
One of the giant database hack took place in Community Health Systems recently in 2014, where Chinese hackers have stolen about 4.5 million of medical records of patients (Sullivan, 2014). The data stolen contains all patients’ data who had taken service from the healthcare organization in the past five years. Reports found that the breach has been organized and performed from China. The hackers bypassed security system of the organization and took personal information including names, birth dates, telephone number, SSN number and excluding any credit card number or medical data. Unlike previous Chinese hacking attacks that were intended to steal intellectual property like product or service design information, this attack was designed to steal personal information (Finkle & Humer, 2014). The attackers have gained accessed to the system by injecting malware. This potential attack could have been avoided by imposing strict firewall, more advanced spam filter and by training employees about security practices such as not clicking suspicious links or spam email (MacKinnon, 2012).
Another giant database hack took place in the Anthem Inc., a leading health insurer (Riley, 2015). The information stolen from the organization include names, birthdates, medical ID, SSN, home location, employment information, income and email addresses. Though the company denies the claim of any medical information breach, as many as 80 million clients’ information have been compromised by the incident. The company offers free of cost identity protection and credit monitoring service to affected customers. Many suspect Chinese hackers for the incident, which still lacks valid evidence. The hackers sent scam to the users and has stolen important data. Poorly implemented security, outdated software and low level security are causes of the hack (Cannon, 2015). To avoid such threat, high level security, up to date system and advanced firewall should be used.