Article 7 in our series on CARF accreditation
The growing cybersecurity crisis in healthcare
Cybersecurity threats in healthcare are rising at an alarming rate. For organizations pursuing or maintaining CARF accreditation, safeguarding patient and operational data has become critical—not only to meet regulatory requirements but to protect against financial and reputational harm.
Healthcare organizations are prime targets for cyberattacks due to the wealth of sensitive patient data they handle. In 2023, healthcare was the most targeted industry for cyberattacks, with incidents rising by 22% compared to the previous year. According to the FBI, healthcare organizations reported an increase in ransomware attacks, data breaches, and phishing scams, which often result in stolen data, disrupted operations, and costly recovery efforts.
Key Statistics:
- The average cost of a healthcare data breach was $10.93 million in 2023, the highest across all industries (IBM Cost of a Data Breach Report).
- 30% of healthcare organizations experienced at least one ransomware attack in 2022 (Sophos).
- 80% of healthcare data breaches are caused by internal errors or human factors (Verizon Data Breach Investigations Report).
Why CARF-accredited organizations are at risk
CARF-accredited healthcare facilities handle highly sensitive patient data, including medical histories, treatment plans, and financial information. A cyberattack can lead to compromised patient trust, financial loss, and failure to meet CARF’s stringent compliance standards. Therefore, a strong cybersecurity posture is no longer optional—it’s a necessity.
Given the rise in cyberattacks targeting healthcare, CARF-accredited organizations must prioritize robust cybersecurity measures to protect both their data and their accreditation status.
Questions? Keiter’s Cybersecurity team can provide advice and consultation to help your healthcare practice mitigate cybersecurity risk. Contact us. Email or Call: 804.747.0000
About the Authors
Zac serves clients in the healthcare industry and is a leader in Keiter’s Healthcare and Medical Services Practice. He assists his clients with financial reporting in conformity with generally accepted accounting principles, consulting on strategic business initiatives, as well as helping them understand the accounting and financial reporting implications of complex equity transactions and implementation of new accounting standards. Read more of Zac’s accounting insights on our blog.
Jim works predominately with clients in the medical and dental industry where he provides tax planning and compliance services related to practice acquisitions and transitions. Jim strives to add value to his client relationships by being a trusted advisor. He is a leader in Keiter’s Healthcare and Medical Practices team. Read more of Jim’s accounting insights on our blog.
Rachel brings a passion for providing superior value to her assurance and audit clients through the highest form of quality service. Understanding her clients’ organizational missions and providing tailored engagement services is paramount to her approach. Her clients include healthcare companies, and she is a member of the Healthcare and Medical Practices team. Read more of Rachel’s accounting insights on our blog.
Chris is a Senior Manager in Keiter’s Risk Advisory Services. Chris has a strong combination of IT skills, which range from IT audit and internal control assessments, including general computer controls and application controls, to full stack web development. Most recently, Chris developed a Cybersecurity web application that assesses an organization’s resistance to social engineering attacks. Chris shares his cybersecurity insights on our blog.
The information contained within this article is provided for informational purposes only and is current as of the date published. Online readers are advised not to act upon this information without seeking the service of a professional accountant, as this article is not a substitute for obtaining accounting, tax, or financial advice from a professional accountant.
