Why Cybercriminals Want PHI

Video 11 of 14
3 min 13 sec

In this lesson, we'll be covering why cybercriminals want PHI, the value of PHI on the black market, and some examples of what ransomware looks like. We'll also show you some ways you can protect PHI and ePHI and what your obligation is in the event of a data breach at your place of employment. And at the end of the lesson, we'll have a one question quiz that we're certain you'll pass.

As of 2019, the healthcare industry has the 4th largest number of data breaches among the top five business sectors in the U.S. These sectors include, in order of the number of breaches from highest to lowest:

  1. Financial services
  2. Retail
  3. Government
  4. Healthcare
  5. Manufacturing

Since healthcare ranks as high as it does for data breaches, it's important that you actively protect PHI and ePHI at all times.

The Value of PHI on the Black Market

When credit card numbers and bank account numbers are stolen, their lifespan is very short, as they're only useful until the victim cancels the card or closes the account.

Pro Tip #1: The information contained in medical records is much more valuable than credit card numbers and bank account numbers and has a much broader utility. This information can be used to commit multiple types of fraud and/or identity theft and (here's the important part) does not change even after it has been compromised. You can't cancel your social security number, for instance.

For this reason, the value of this type of personal data to cybercriminals is much higher than credit card numbers and bank account information alone. This information in a vacuum only has a selling price of $1 to $2 in the underground market.

However, when a single credit card number is stolen and sold as part of a complete identity profile, that price in the underground market increases dramatically and jumps to around $720.

As we've learned from recent Equifax breaches and the WannaCry ransom attacks, along with dozens or hundreds of lesser profile electronic attacks, PHI is extremely valuable to cybercriminals who can create and sell these identity packages on the dark web.

How You Can Help Protect PHI

The reasons outlined above is why it's so vital that you actively protect PHI and ePHI at all times. Over the last few years alone, and just using ransomware cases as an example, these types of cybersecurity threats have increased by more than 500 percent.

Platforms used for ransomware attacks are platforms you likely use daily at work (professionally and personally while at work) and include:

  • Business applications
  • USB drives
  • Social media
  • Website attachments
  • Email

Warning: Be especially cautious when using USB drives, as they are usually used in multiple locations and can therefore become infected easily, as well as spread those infections equally easily.

Having said that, email is still the most common offender and medium for distributing ransomware and other potentially harmful bugs and viruses. When it comes to email, there are two places to be especially aware of as far as viruses go:

  1. Around 38 percent of all viruses come embedded in the email itself, which means just opening the email is enough to possibly contribute to a data breach.
  2. Around 28 percent of all viruses come inside an attachment, which is why you never open an attachment from a recipient you don't know. However, …

Pro Tip #2: There is no reason to get to the suspicious attachment stage. If you ever receive a suspicious-looking email, DO NOT OPEN IT! Simply delete it and notify those in your organization responsible for such things, like your compliance officer, IT company, and so forth.

You may recall the example in the corresponding video for this lesson. The employee notices that an email looks weird and asks her manager what she should do. The manager shows her the proper way to handle such an email – mark it as junk and then empty the junk folder.

The other important lesson from the video example is letting your privacy officer know when you receive a suspicious email, in case other employees receive the same email. It only takes one instance of an employee opening an email containing a virus that can lead to a data breach.

Quiz: You just received a strange-looking email; what do you?

  1. I do not open it
  2. I delete the email
  3. I notify my manager, privacy officer, etc.
  4. All of the above

If you answered D, congratulations! You just demonstrated uncommon sense. Seriously though, it's about good decision making and making those good decisions habitual.