9 Out of 10 Healthcare Organizations Have Suffered a Data Breach Since 2010

Michael Scranton

Michael Scranton

Posted on January 04, 2017

Data BreachSince 2010, healthcare has seen a 125% increase in criminal attacks to their digital patient data. In fact, according to a study by the Ponemon Institute, 91 percent of healthcare organizations have been hit by at least one data breach. What is surprising, however, is that human error is reported as the primary cause of data breaches. The study found that almost all successful cyber attacks can be traced back to one or more human errors.
Source: CIO.com

Attacks Now Leverage Security Gaps Created by Users

Cyber-criminals are well aware of the human error factor as a potential gateway into the systems they are targeting. Therefore, email is still a primary method of gaining access and phishing. Many systems continue to rely on detection as a form of prevention, and hackers are taking full advantage of their ability to avoid getting picked up by these systems with emails that are unique enough to get around this surveillance and engaging enough to attract a recipient to open them. Attackers are also leveraging social networks to gain access through similar tactics.
Source: HealthDataManagement.com

Health IT Data Security Awareness Campaigns Can Reduce the Risk

Ransomware attacks are expected to continue growing in volume and diversifying in form in the coming years. While Chief Information Security Officers and Chief Medical Information Officers are working diligently to implement advanced systems and infrastructures to increase their Health IT security, awareness campaigns for staff may represent a cost-effective means of increasing data security for Covered Entities and Business Associates. A few potential areas to highlight in an awareness campaign for health IT data security are:

  1. Risks associated with accessing work documents from a non-HIPAA compliant or personal of email account
  2. Risks of accessing work documents or web based systems from public Wi-Fi connections
  3. Proper protocol for handling email from unknown senders
  4. Handling of links and attachments in emails

With a well-implemented awareness campaign and organizational dedication to data governance, the work health IT and software development teams are putting into securing patient data will lead to reduced risk of breach and improved protection of the organization’s ePHI.
 


Michael Scranton

Michael Scranton

As Director of Business Development, Michael is passionate about helping healthcare systems successfully transition to value-based care.

Related Posts

Illustration of four people in a healthcare organization discuss ideas and the roadmap for their softare development project.

Posted on December 03, 2021 by Paul Galbraith

When embarking on a software development project, there are often many unknowns: How should legacy software integrate with new solutions? What compliance issues need to be solved? How can technologies…Read more


Illustration. Middle: computer screen. Right: girl holding a key. Left, boy holding a cell phone.

Posted on November 09, 2021 by Pablo Bullian

PHI Leaked Due to Fresno’s Health Network Hack A group of health clinics in the Fresno area that belongs to United Health Centers were hit by a ransomware attack. Not…Read more


Newsletter
Subscribe to Our Newsletter

Get promotions and current business tips. Sign up for our newsletter today.