Healthcare Record Breaches Triple Since Last Year
By: Jim Stickley and Tina Davis
April 9, 2019
It’s an ongoing issue concerning healthcare hacks, and there are no signs of improvement. The latest Protenus Breach Barometer, one of the best-known reporters in healthcare data breaches, finds the number of compromised healthcare patient records almost tripled since 2017. A recent report finds in 2017, the number of breached patient records was 5.5 million. The startling jump to 15 million in 2018 presents the largest number of breaches yet, with at least one healthcare data breach per day. The healthcare industry has been a source of hack attacks for years and the latest Breach Barometer shows there are no signs of improvement.
The report shows there was a slight increase in healthcare hacks overall, from 417 in 2017 to 503 in 2018. However, the number of breached patient records tripled in growth. Stolen records don’t always involve dedicated hackers going directly after hospitals. In fact, many cases involving hacks with third-party vendors and insider threats such as nefarious employees account for 49 of reported incidents, to the tune of 5,328,525 breached records. Unfortunately, insider hacks are much more difficult to find than outright hack attacks. These breaches can go undiscovered for years and the healthcare industry continues to struggle to keep them at bay. Email phishing attacks are also on the rise, increasing 473% since last year. It seems everywhere you look, patient records are easily being breached.
Although the Breach Barometer shows a dismal increase in the number of breached records in 2018–as bad as it sounds, it’s not hopeless. An informed and cyber-educated patient can be the best defense against hackers. Patients aware of the breach statistics should check their hospital bills and accounts carefully, looking for signs that something is not quite right. Quick reporting to healthcare providers can help keep damage to a minimum and help prevent others from becoming victims of a breach.
As always, a cyber-smart group of healthcare providers is always a great way to keep immunized against cyber threats and mistakes from inside organizations. While it may initially seem an overwhelming task, there are many third-party companies that provide comprehensive security awareness training to fit your organization’s individual needs. Get recommendations and do research to find one that works for you.
While healthcare struggles to be cyber-resilient, continuing employee education and informed patients are currently the best line of defense.