November 09, 2023
Healthcare organizations must adapt to evolving cybersecurity threats with a focused data breach response plan. In 2025, reducing risk and ensuring compliance are key priorities.
The healthcare and public health sector continues to face rising data breach costs, up to USD 10.93 million globally, as organizations bear direct costs to investigate and contain breaches and pay regulatory fines, as well as indirect costs related to loss of trust and patient churn. As the compliance landscape continues to evolve, with new revisions to HIPAA, revisions to CFR 21 Part 11, state privacy laws, and even upcoming changes to PCI DSS, healthcare organizations must also navigate new requirements to protect data, systems and services.
In a recent example, Atlanta-based Managed Care of North America (MCNA) Dental exposed the data of nearly 9 million patients, with exfiltrated data leaked to the dark web by the LockBit ransomware group. In mid-2023, HCA Healthcare also announced a breach impacting as many as 11 million patients across 20 states.
Increasingly, malicious actors are targeting healthcare organizations with the intention to disrupt or hold medical records hostage, a tactic that increases pressure to pay a ransom in order to ensure patient safety and care delivery. Today, organizations fall victim to a ransomware attack every 11 seconds—by 2031, it will be every 2 seconds. While 42% of healthcare organizations pay a ransom to recover data, the confirmed amount of data being compromised by ransomware in healthcare continues to rise.
Today, it takes an average of 277 days to identify and contain a data breach—204 days to identify and 73 days to contain. The takeaway here for healthcare organizations is not only the need to reduce risk of attack and breach with improved cyber hygiene practices, but also to reduce mean time to response after incidents are detected. How a healthcare organization responds to a data breach can have a significant impact on both cost and consequences, including reputation and compliance penalties.
As with every organization, the introduction of remote work and increasing supply chain vulnerabilities have reinforced that perimeter-based security controls are no longer enough. Effective handling of a healthcare data breach begins by acknowledging the new software-defined perimeter and the need for Zero Trust and better visibility over endpoints, in order to improve detection and response activities.
The National Institute of Standards and Technology, recognized as a global standard for cybersecurity practices, has created several guides to assist healthcare organizations in complying with HIPAA and in mapping these to the widely accepted NIST Cybersecurity Framework (CSF). Response is one of the five pillars of the CSF, guiding organizations on the appropriate steps to take if a cybersecurity incident is detected to help contain the impact of the incident.
Further, NIST breaks down the Response activities into five sub actions:
However, if any cyber attack occurs, activities will be hyper-focused on steps 2 through 4, where the actions being taken can be the difference between a simple security incident and long-term reputational and financial damage. Therefore, we’ve broken down these steps even further, helping healthcare organizations develop a clear, 6-step plan for effective data breach response.
Outlined in our Effective Healthcare Data Breach Response whitepaper in detail, these steps include:
Implementing a comprehensive, risk-based compliance strategy is pivotal for healthcare organizations that know that compliance alone doesn’t equal protection and that today’s era of care demands more. Absolute is uniquely positioned to help healthcare organizations across all five pillars, providing an unbreakable connection to endpoints to help quantify risk, ensure security controls in place are resilient, respond quickly, and recover faster.
Get the NIST Cybersecurity Framework Evaluation Guide here.
Learn more about Absolute's security solutions for healthcare here.
The healthcare sector continues to face rising risks from data breaches, with costs soaring into the millions. As healthcare organizations navigate the complexities of cybersecurity and compliance, responding swiftly and effectively to incidents is crucial to minimizing financial and reputational damage. Cyber resilience has become a priority, with organizations needing to act quickly to reduce the impact of an attack.
Effective data breach response requires a structured, comprehensive approach, including the ability to activate a response plan immediately and limit damage through rapid mitigation.
The introduction of new regulations, such as the Cyber Incident Reporting for Critical Infrastructure Act, underscores the importance of understanding and adapting to compliance requirements in real time. Organizations must be prepared for the evolving landscape and ensure that all response activities are documented, helping reduce the long-term impact of breaches.
To dive deeper into how healthcare organizations can prepare for and respond to breaches, explore the latest on healthcare data breach response and reporting for actionable insights on minimizing risk.
For further guidance on managing cybersecurity incidents, check out the FTC’s Data Breach Response Guide to ensure compliance and strengthen your organization’s defenses.
By adopting a comprehensive breach response strategy, healthcare organizations can not only respond faster but also maintain patient trust, protect sensitive data, and improve resilience against future cyberattacks.
To learn more about how Absolute supports healthcare organizations with cybersecurity and endpoint protection, explore our solutions today.