Advances in information and communication technology have helped the healthcare industry to replace paper-based systems with electronic health record (EHR) systems to provide better and more cost-effective services to its customers. EHRs enhance patient care, develop patient cooperation, enhance disease diagnosis, improve practice efficiency, and make patient health information accessible all the time [1]. Additionally, smartphones and other web-based smart devices have changed the way we communicate. These devices empower users to easily and conveniently access the online services provided by different organizations. Healthcare is one of them. The last few years have seen healthcare data become more digitized, distributed, and mobile [2]. The Internet of Medical Things (IoMT) has also played a vital role in this context. Sensitive data are collected by healthcare organizations from their customers and stored on network servers to make them accessible all the time and to facilitate patient care. Unfortunately, every blessing has a curse, and that applies here too. The use of smartphones and other smart devices has also become a key source of privacy breaches [3]. Due to software vulnerabilities, security failures, and human error, these databases are sometimes accessed by unauthorized users. This leads to the exposure of sensitive data in the form of data breaches. Sometimes, insider attackers cause damage to protected health information, which results in the loss, theft, or disclosure of sensitive healthcare data. The price of a complete record file of a single patient can be hundreds of dollars on the dark web [4]. In comparison to other data industries, the healthcare industry is among the worst affected [5].
--------------------------------------------------------------------------------------------------------------------------------------
Top Database Threats
The threats identified over the last couple of years are the same that continue to plague businesses today, according to Gerhart. The most common database threats include:
*Excessive privileges. When workers are granted default database privileges that exceed the requirements of their job functions, these privileges can be abused, Gerhart said. “For example, a bank employee whose job requires the ability to change only account holder contact information may take advantage of excessive database privileges and increase the account balance of a colleague’s savings account.” Further, some companies fail to update access privileges for employees who change roles within an organization or leave altogether.
*Legitimate privilege abuse. Users may abuse legitimate database privileges for unauthorized purposes, Gerhart said.
*Database injection attacks. The two major types of database injection attacks are SQL injections that target traditional database systems and NoSQL injections that target “big data” platforms. “A crucial point to realize here is that, although it is technically true that big data solutions are impervious to SQL injection attacks because they don’t actually use any SQL-based technology, they are, in fact, still susceptible to the same fundamental class of attack,” Gerhart said. “In both types, a successful input injection attack can give an attacker unrestricted access to an entire database.”
*Malware. A perennial threat, malware is used to steal sensitive data via legitimate users using infected devices.
*Storage media exposure. Backup storage media is often completely unprotected from attack, Gerhart said. “As a result, numerous security breaches have involved the theft of database backup disks and tapes. Furthermore, failure to audit and monitor the activities of administrators who have low-level access to sensitive information can put your data at risk. Taking the appropriate measures to protect backup copies of sensitive data and monitor your most highly privileged users is not only a data security best practice, but also mandated by many regulations,” he said.
*Exploitation of vulnerable databases. It generally takes organizations months to patch databases, during which time they remain vulnerable. Attackers know how to exploit unpatched databases or databases that still have default accounts and configuration parameters. “Unfortunately, organizations often struggle to stay on top of maintaining database configurations even when patches are available. Typical issues include high workloads and mounting backlogs for the associated database administrators, complex and time-consuming requirements for testing patches, and the challenge of finding a maintenance window to take down and work on what is often classified as a business-critical system,” Gerhart said.
*Unmanaged sensitive data. Many companies struggle to maintain an accurate inventory of their databases and the critical data objects contained within them. “Forgotten databases may contain sensitive information, and new databases can emerge without visibility to the security team. Sensitive data in these databases will be exposed to threats if the required controls and permissions are not implemented,” he said.
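The point made under "Database injection attacks", that SQL and NoSQL stores share one class of flaw, shown as an added example that is not from the quoted source. It uses SQLite for the SQL side and a toy in-memory document store (an assumption, not a real driver) for the NoSQL side; all names and data are constructed.

```python
import json
import sqlite3

def make_db():
    # Constructed sample data in an in-memory SQLite database.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (owner TEXT, pin TEXT)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", "1111"), ("bob", "2222")])
    return db

def sql_lookup_concat(db, owner, pin):
    # Weak: input is spliced into the statement text and is parsed as SQL.
    sql = f"SELECT owner FROM accounts WHERE owner = '{owner}' AND pin = '{pin}'"
    return [row[0] for row in db.execute(sql)]

def sql_lookup_bound(db, owner, pin):
    # Hardened: placeholders bind input as values; the statement shape is fixed.
    sql = "SELECT owner FROM accounts WHERE owner = ? AND pin = ?"
    return [row[0] for row in db.execute(sql, (owner, pin))]

# Toy document store (an assumption, not a real driver): filters accept a plain
# value or an operator document such as {"$ne": value}.
DOCS = [{"owner": "alice", "pin": "1111"}, {"owner": "bob", "pin": "2222"}]

def doc_matches(doc, flt):
    for key, cond in flt.items():
        if isinstance(cond, dict):
            if set(cond) != {"$ne"} or doc.get(key) == cond["$ne"]:
                return False
        elif doc.get(key) != cond:
            return False
    return True

def doc_lookup_loose(body_json):
    # Weak: JSON input may carry an object where a string was expected, so the
    # caller's data becomes a query operator. No SQL is involved.
    body = json.loads(body_json)
    flt = {"owner": body["owner"], "pin": body["pin"]}
    return [d["owner"] for d in DOCS if doc_matches(d, flt)]

def doc_lookup_strict(body_json):
    # Hardened: accept only string scalars before building the filter.
    body = json.loads(body_json)
    if not all(isinstance(body.get(k), str) for k in ("owner", "pin")):
        raise ValueError("owner and pin must be strings")
    flt = {"owner": body["owner"], "pin": body["pin"]}
    return [d["owner"] for d in DOCS if doc_matches(d, flt)]
```

In both weak forms the caller's data changes the structure of the query; in both hardened forms it can only ever be a value.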
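The bank scenario under "Excessive privileges", as an added example that is not from the quoted source: a clerk connection that may change contact fields but not the balance. SQLite has no GRANT, so its authorizer callback stands in here for the column-level privileges a server DBMS would grant; the table, columns and role are hypothetical.

```python
import sqlite3

# Hypothetical role definition: the only (table, column) pairs a clerk may update.
CLERK_MAY_UPDATE = {("accounts", "email"), ("accounts", "phone")}

def clerk_authorizer(action, arg1, arg2, dbname, source):
    # Reads and transaction control are allowed; for UPDATE, SQLite passes the
    # table name in arg1 and the column name in arg2.
    if action in (sqlite3.SQLITE_SELECT, sqlite3.SQLITE_READ,
                  sqlite3.SQLITE_TRANSACTION):
        return sqlite3.SQLITE_OK
    if action == sqlite3.SQLITE_UPDATE and (arg1, arg2) in CLERK_MAY_UPDATE:
        return sqlite3.SQLITE_OK
    return sqlite3.SQLITE_DENY  # default deny: INSERT, DELETE, DDL, other columns

def open_as_clerk():
    # Constructed sample data; the schema is set up before the restriction applies.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts "
               "(id INTEGER PRIMARY KEY, email TEXT, phone TEXT, balance INTEGER)")
    db.execute("INSERT INTO accounts VALUES (1, 'old@example.test', '555-0100', 250)")
    db.commit()
    db.set_authorizer(clerk_authorizer)
    return db

def attempt(db, sql, params=()):
    # A denied statement fails when it is prepared, before any row is touched.
    try:
        db.execute(sql, params)
        return "allowed"
    except sqlite3.DatabaseError:
        return "denied"
```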
--------------------------------------------------------------------------------------------------------------------------------------
Some good sources of information on healthcare database threats:
Research paper: Healthcare Data Breaches: Insights and Implications. Healthcare (Basel). 2020 Jun; 8(2): 133. Published online 2020 May 13. doi: 10.3390/healthcare8020133. PMCID: PMC7349636. PMID: 32414183.
NCBI website
TCS Healthcare website