(The Center Square) — A new study found Georgia has experienced 160 medical records breaches since 2009.
Comparitech analyzed data from 2009 to July 2023 and found Georgia’s breaches affected more than 7.3 million records. That amounts to 68,907 records affected per 100,000 people.
“As we are seeing, legislating against things like ransomware attacks is difficult,” Rebecca Moody, Comparitech’s head of data research, told The Center Square in an email. “Some states are starting to introduce legislation which prevents certain entities from paying ransoms (North Carolina and Florida prevent government entities from paying ransoms, for example).
“And while organizations should be applauded for not entering into negotiations with hackers, this does often leave data vulnerable to exploitation,” Moody added. “As hackers increasingly target organizations with greater volumes of sensitive data (something medical organizations have in troves), ransoms aren’t the only potential financial gain for them. Selling huge volumes of data is arguably more fruitful as they can’t always guarantee a ransom but they can always sell the data.”
Internet security has been a hot-button topic. In June, for example, state Sen. Jason Anavitarte, R-Dallas, said Georgia needs to create a state information security command, an action that should be hastened following a Russian online security attack that hit the University System of Georgia and several federal agencies.
Additionally, a state House committee will debate internet security enhancements for state agencies.
“While legislation around ransom payments may help, overcoming medical data breaches requires a multi-faceted approach and, ultimately, prevention is better than cure,” Moody said. “Governments can aid organizations by helping them try to stay one step ahead of hackers by alerting them to potential vulnerabilities and offering key training and awareness.”
