Cyberattacks are rising fast in the healthcare space, and the federal office tasked with dealing with these breaches is completely overwhelmed.

That’s according to a recent report from Politico, which found the Department of Health and Human Services (HHS) Office for Civil Rights is overflowing with cyberattack cases, where criminals are stealing the health information of millions. The office, which Politico described as “tiny,” is responsible for investigating breaches, helping healthcare organizations boost their defenses against cyberattack and dole out fines for security lapses. The office’s duty is to enforce both the HIPAA privacy law and help organizations better protect themselves.

Unfortunately, the Office for Civil Rights doesn’t have much of a budget to accomplish these tasks, according to Politico. With a budget of just $38 million in 2022, the office has fewer investigations than some police departments, while investigators have caseloads of over 100. Plus, investigators rely on the cooperation from victims, which are sometimes reluctant to report breaches.

The healthcare sector is a huge target for cyber criminals seeking personal information, and the industry is particularly vulnerable to ransomware. HHS recently warned that electronic health records are vulnerable to hackers, with their information being extremely valuable to criminals. Last year, hackers gained access to the health records of nearly 50 million people. On average, data breaches cost healthcare organizations $10 million, according to a recent study from IBM. 

See the full story below: