Report: Health data breaches are surging with no end in sight
Thursday, May 26, 2016
Attacks on our health data continue — that's no secret — but where these breaches come from is still a matter of question. Whether they come from within or without, the number of these breaches remains consistently high.
According to new research by the Ponemon Institue, nearly 90 percent of all healthcare organizations have been breached over the past two years, and about half of those estimate they've been breach more than five times over that same period. The "Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data" estimates that based on the results, the cost is as much as $6.2 billion.
"The average cost of data breaches for covered entities surveyed is now more than $2.2 million, while average cost to business associates in the study is more than $1 million," the survey authors state.
Ponomon suggests criminal attacks are the primary reason for breaches in healthcare, and "internal problems such as mistakes — unintentional employee actions, third-party snafus and stolen computing devices — account for the other half of data breaches." Ponemon studied healthcare organizations (91) and business associates (84).
"The majority of these breaches were small, containing fewer than 500 records," the study indicated. However, the findings suggest no healthcare organization, regardless of size, is immune from data breach. Also important to note is that healthcare organizations still don't have sufficient security budgets to curtail or minimize data breach incidents
13 percent of respondents say they experienced a breach because of a malicious insider, outside cyberattacks remain a primary concern for healthcare organizations.
"In 2016, ransomware, malware and denial-of -service (DOS) attacks are the top cyberthreats facing healthcare organizations,” the report suggested. "Healthcare organizations and BAs alike are also significantly concerned about employee negligence, mobile device insecurity, use of public cloud services and employee-owned mobile devices or BYOD — all threats to sensitive and confidential information."
No matter who is responsible for a breach, most in the report said they think healthcare is more vulnerable to breach than other industries.
The most breached items include medical files, billing and insurance records, and payment details. Somewhat surprisingly, most organizations — once breached — offer no protection for those affected. Honestly, given the sophistication of the attacks, protection may only do so much.
With ever-present news of breach and security efforts impacting healthcare organizations, the threats have healthcare organizations more to chew on, but little seems to be capable of stopping the overwhelming number of attacks on our nation's healthcare system.
It's difficult to refute that the move to the electronic records has paralleled the rise in the amount and veracity of the attacks. Moving back to paper is not the answer, nor is it an option. But more needs to be done, obviously. What that is has yet to be seen.
- 7 trigger control errors and how to fix them
- To fight crime, engage kids in quality after-school programs
- The stress of 911 call-takers and emergency dispatchers
- 17 of the most specific, bizarre ICD-10 codes
- Children of the badge: The impact of stress on law enforcement children
- Married to the badge: Stress in the law enforcement marriage
- BSN or ADN? Nursing at a crossroads
- Nurses rally in DC to address staffing issues with Congress
- Ethology and veterinary practice: Client perceptions of animal behavioral problems
- US payrolls add 1.8 million jobs; jobless rate drops to 10.2%
- How to improve communication across departments
- Without baseball crowds, some businesses grapple with a grim new reality
- Optimism beckons for 2020-21 deer hunting season in Texas
See your work in future editions
Your content, Your Expertise,
Your Industry Needs YOUR Expert Voice & We've got the platform you needFind Out How