The last few months have been excruciating for the whole world due to the COVID-19 outbreak. Hospitals have been working tirelessly, tending to the unprecedented number of patients coming in. However, that has not stopped them from experiencing unwanted incidents like data breaches. However, even in this scenario, protecting patient data is a must.
On March 20, University of Utah Health started notifying a number of its patients regarding a phishing incident followed by a malware attack. Back in February, the provider detected unusual activities on their employees’ email accounts. After conducting a thorough examination, they concluded that an outsider gained unauthorized access to those employees’ email accounts between January 7 and February 21.
The outsider did this by acting as a trusted source. Thankfully, the U of U Health was successful in securing the affected accounts. Some of the patient data, which was potentially exposed consisted of patient names, DOB, medical record numbers, as well as some clinical information.
However, that was not the end of the data breach.
After detecting the phishing attack, U of U Health found out that an employee’s machine might have contained downloaded malware on February 3. After scrutiny, the experts at U of U Health stated that the malware potentially allowed access to parts of patient data, just like the previous one – names, DOB, medical record numbers, as well as some clinical information.
The matter is still being investigated, and however, U of U Health stated that they did not find any evidence that the affected patient data was misused. The healthcare provider is making changes to ensure that such unwanted incidents do not happen again.
That is just one healthcare provider. There are numerous that are still facing data breaches, even during the coronavirus pandemic. The crisis makes it ripe for hackers to steal sensitive patient information, as hospitals are having a hard time dealing with the whole situation at hand.
Medical identity theft issues
The hackers can steal patient data, and either use it for their purposes or sell it to other parties. The outcome is medical identity theft – someone else assumes the identity of the patients and uses healthcare services, which were initially meant for the patients. Medical identity theft causes the victims to receive shocking bills for services they never used. It can also lead to the healthcare providers being hit with lawsuits by the patients, claiming that the providers did not protect their sensitive patient data well enough.
How are hospitals protecting patient data?
This is where RightPatient can help. With this contactless patient identification platform, medical identity theft can be prevented easily. RightPatient uses biometric data (such as iris) to store medical records along with capture photos of the patient. Later on, all a registered patient needs to do is look at the camera – RightPatient identifies the accurate medical records within seconds and provides it to the hospital staff. Even in the case of a data breach, patient records are locked with the patients’ biometric information. Thus, also if a third-party assumes the identity of the patient, the platform will immediately detect the fraudster – preventing medical identity theft and protecting patient data.
Also, it is of paramount importance that hygiene is maintained within hospitals, which is why RightPatient’s contactless identification platform makes it ideal for detecting accurate patient records during this crucial time without causing infection control issues.