sb-nz logo
Story image

Healthcare breaches down, but impacts more significant - Bitglass

13 Mar 2019

Cloud access security broker (CASB) company Bitglass has released its fifth annual Healthcare Breach Report, showing that the number of healthcare records breached in 2018 more than doubled since 2017.

Each year, Bitglass analyses data from the US Department of Health and Human Services’ ‘Wall of Shame’, a database containing information about breaches of protected health information (PHI) that affected 500 or more individuals.

In 2019’s report, the latest data is compared to that of previous years, revealing key trends and cybersecurity challenges facing the healthcare industry.

Breaches recorded in the HHS database are categorised into one of the following groups:

  • Hacking or IT incidents: Breaches related to malicious hackers and improper IT security

  • Unauthorised access or disclosure: All unauthorised access and sharing of protected health information

  • Loss or theft: Breaches enabled by the loss or theft of endpoint devices

  • Other: Miscellaneous breaches and leaks related to items such as improper disposal of data

According to the study’s findings, the number of breaches in 2018 was lower than that of the previous year.

Yet the number of records breached has more than doubled since 2017.

Additionally, of the 11.5 million individuals affected by healthcare breaches in 2018, 67% had their information exposed by hacking and IT incidents.

The steady rise of this type of breach suggests that healthcare IT systems are increasingly being targeted by malicious actors who recognise that said systems house massive amounts of sensitive data.

Bitglass CMO Rich Campagna says, “Healthcare firms have made progress in bolstering their security and reducing the number of breaches over the last few years.”

“However, the growth in hacking and IT incidents does deserve special attention. As such, healthcare organisations must employ the appropriate technologies and cybersecurity best practices if they want to secure the patient data within their IT systems.”

Key findings:

  • The number of reported healthcare breaches reached a three-year low of 290 in 2018

  • At 46%, hacking and IT incidents were the biggest causes of breaches, with unauthorised access and disclosure coming in second place at 36%

  • The average number of individuals affected per breach was 39,739 in 2018 – more than twice the average of 2017

  • The number of breaches caused by lost and stolen devices has decreased by almost 70% since 2014

Link image
Data is an organisation's most significant asset - here's how to protect it
Data resilience strategies are becoming more crucial as more value is ascribed to a company's data. If it's not stored securely and cost-effectively, expect problems.More
Link image
Track, analyse, act: The e-commerce metrics you need
E-commerce technology leaders need to track, analyze, and act on large volumes of business and system performance data. Danny Miles, the CTO of Dollar Shave Club, shares a powerful framework for thinking about and prioritizing e-commerce metrics.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Link image
Webinar: Best practices for keeping your video chats secure
Video collaboration providers nowadays operate exclusively on a multi-tenant, public cloud - and security and privacy concerns have come into the spotlight. Here's how to secure your communications.More
Story image
SMBs seeking service providers in face of rising cyber threats
SMBs are struggling with their cybersecurity solutions, with three quarters worried about being the target of a cyberattack in the next six months, and 91% considering using or switching to a new IT service provider if offered a better option.More