9 Out of 10 Healthcare Organizations Have Suffered a Data Breach Since 2010

Data BreachSince 2010, healthcare has seen a 125% increase in criminal attacks to their digital patient data. In fact, according to a study by the Ponemon Institute, 91 percent of healthcare organizations have been hit by at least one data breach. What is surprising, however, is that human error is reported as the primary cause of data breaches. The study found that almost all successful cyber attacks can be traced back to one or more human errors.

Source: CIO.com

Attacks Now Leverage Security Gaps Created by Users

Cyber-criminals are well aware of the human error factor as a potential gateway into the systems they are targeting. Therefore, email is still a primary method of gaining access and phishing. Many systems continue to rely on detection as a form of prevention, and hackers are taking full advantage of their ability to avoid getting picked up by these systems with emails that are unique enough to get around this surveillance and engaging enough to attract a recipient to open them. Attackers are also leveraging social networks to gain access through similar tactics.

Source: HealthDataManagement.com

Health IT Data Security Awareness Campaigns Can Reduce the Risk

Ransomware attacks are expected to continue growing in volume and diversifying in form in the coming years. While Chief Information Security Officers and Chief Medical Information Officers are working diligently to implement advanced systems and infrastructures to increase their Health IT security, awareness campaigns for staff may represent a cost-effective means of increasing data security for Covered Entities and Business Associates. A few potential areas to highlight in an awareness campaign for health IT data security are:

  1. Risks associated with accessing work documents from a non-HIPAA compliant or personal of email account
  2. Risks of accessing work documents or web based systems from public Wi-Fi connections
  3. Proper protocol for handling email from unknown senders
  4. Handling of links and attachments in emails

With a well-implemented awareness campaign and organizational dedication to data governance, the work health IT and software development teams are putting into securing patient data will lead to reduced risk of breach and improved protection of the organization’s ePHI.

 

As Director of Business Development, Michael is passionate about helping healthcare systems successfully transition to value-based care.

Questions? Let our experts help!

Complete the form below or Call 866-932-9944 Monday through Friday from 9am to 5pm EST.

  • Connect With Us

  • Contact Us


  • Newsletter

    Get promotions and current business tips. Sign up for our newsletter today.