Cyberattacks have become ubiquitous, and while they hit many industries, did you know that healthcare tops ALL industries, when it comes to money lost in data breaches?
Between 2022 and 2023, healthcare industry losses from data breaches increased by over 8 percent, going from $10 million to $11 million, twice as much as the second-most breached industry. And over the past three years, the average cost of a data breach in healthcare grew by over 50 percent.
As an employee in the healthcare technology sector, I’m inundated by news of cyberattacks and their implications, but never more than recently.
In June, I went on new parent leave from work for over a month. When I returned just two weeks ago, I had hundreds of unread emails and news alerts to catch up on, but the issue of data breaches stood out. Here’s just a taste of what I came back to:
This is not just a patient privacy issue or a health plan/system financial issue. It’s also a patient safety issue, especially when medical facilities are forced to delay treatments and divert ambulances.
Fallout from a cyberattack on one hospital or system often has a ripple effect, causing adjacent facilities to see an uptick in ambulances arriving, patient volume, and wait times to receive care.
In fact, the number of scenarios in which a patient left these adjacent facilities without even being seen by a doctor was shown to have risen by an overwhelming 127 percent!
Additionally, healthcare organizations often report increased patient mortality rates, poor patient outcomes, and complications from medical procedures after experiencing a data breach.
In short, healthcare is a leading target for cyberattacks because it has numerous virtual vulnerabilities that, according to an FBI cybersecurity specialist, are nearly impossible to fully eliminate.
For instance, healthcare providers are a prime target for cyber criminals because they retain tons of sensitive patient data, like healthcare histories, payment information, and even detailed research data that can be obtained digitally and held for ransom.
This dilemma is compounded by several additional factors, including: a) private patient information is worth a lot of money on the black market; b) the medical industry’s urgent nature lends itself to open and shareable healthcare information; and c) medical technology is constantly becoming outdated, making it an easy entry point for hackers while leaving the industry unprepared for attacks, even with safeguards in place.
Meanwhile, the feds aren’t much help in this area. Aside from setting cybersecurity standards for medical devices and introducing legislation to mandate cybersecurity minimums for hospitals, government regulation is quite sparse.
So, here’s my call to action – we should focus more attention on the cyberattacks bludgeoning this industry and how prevalent they are. We should all be increasingly vigilant, regardless of the role we play in the industry, because this a crisis that can easily affect any of us.
It’s no secret to any of us that there has been quite a bit of recent disagreement between the opposing sides of the political aisle
I’m going to skip over the topic of the hour with the government shutdown and address two actions the federal government has taken in the
Please log in to your account to comment on this article.
Uncover essential coding insights with nationally recognized coding authority Kay Piper, RHIA, CDIP, CCS. Through ICD10monitor’s interactive, on‑demand webcast series, Kay walks you through the AHA’s 2026 ICD‑10‑CM/PCS Quarterly Coding Clinics, translating each update into practical, easy‑to‑apply guidance designed to sharpen precision, ensure compliance, and strengthen day‑to‑day decision‑making. Available shortly after each official release.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s fourth quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s third quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Uncover critical guidance on the ICD-10-CM/PCS code updates. Kay Piper reviews and explains ICD-10-CM/PCS coding guidelines in the AHA’s second quarter 2026 ICD-10-CM/PCS Coding Clinic in an easy to access on-demand webcast.
Federal auditors are intensifying their focus on inpatient psychiatric facilities, using advanced data analytics to spotlight outliers and pursue high‑dollar repayments. In this high‑impact webcast, Michael Calahan, PA, MBA, Compliance Officer and V.P., Hospital & Physician Compliance, breaks down what regulators are really targeting in IPF-PPS admissions, documentation, treatment and discharge planning. Attendees will learn practical steps to tighten processes, avoid common audit triggers and protect reimbursement and reduce the risk of multimillion-dollar repayment demands.
In this timely session, Stacey Shillito, CDIP, CPMA, CCS, CCS-P, CPEDC, COPC, breaks down the complexities of Medical Decision Making (MDM) documentation so providers can confidently capture the true complexity of their care. Attendees will learn practical, efficient strategies to ensure documentation aligns with current E/M guidelines, supports accurate coding, and reduces audit risk, all without adding to charting time.
Join Ronald Hirsch, MD, FACP, CHCQM for The PEPPER Returns – Risk and Opportunity at Your Fingertips, a practical webcast that demystifies the PEPPER and shows you how to turn complex claims data into actionable insights. Dr. Hirsch will explain how to interpret key measures, identify compliance risks, uncover missed revenue opportunities, and understand new updates in the PEPPER, all to help your organization stay ahead of audits and use this powerful data proactively.
Stay ahead of the 2026-2027 audit surge with “Top 10 Audit Targets for 2026-2027 for Hospitals & Physicians: Protect Your Revenue,” a high-impact webcast led by Michael Calahan, PA, MBA. This concise session gives hospitals and physicians clear insight into the most likely federal audit targets, such as E/M services, split/shared and critical care, observation and admissions, device credits, and Two-Midnight Rule changes, and shows how to tighten documentation, coding, and internal processes to reduce denials, recoupments, and penalties. Attendees walk away with practical best practices to protect revenue, strengthen compliance, and better prepare their teams for inevitable audits.
Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →
BLOOM INTO SAVINGS! Get 25% OFF during our spring sale through March 27. Use code SPRING26 at checkout to claim this offer.
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 1 with code CYBER25
CYBER WEEK IS HERE! Don’t miss your chance to get 20% off now until Dec. 2 with code CYBER24
