With data breaches and identity theft cases on the rise every year, it should be clear that no industry is immune to the dangers posed by identity thieves, hackers, and cybercriminals. However, some industries are at a much greater risk than others. Healthcare companies are among the world’s most targeted, and as a result, data breaches and security incidents in this industry are skyrocketing.
Here’s some of the latest news you need to know.
Protenus releases Q2 Breach Barometer report
Protenus, a data analytics firm that tracks data breaches in the healthcare industry, recently released their Q2 2018 Breach Barometer report, and the results paint a dire picture for healthcare organizations, as well as their patients and employees.
According to the report, records for more than 3.14 million patients were compromised in 142 disclosed breaches — and that’s just those that were revealed between April 1 and June 30 of this year. This is nearly three times the number of compromised records from the previous quarter.
The study also found that there were more than nine privacy violations — including any action that would improperly reveal sensitive patient data (even internally) — for every 1,000 employees, a figure that’s nearly twice what it was in Q1. “Family snooping” again ranks as the most common motivating factor of insider-related breaches. Insider-related breaches also rose sharply from the first quarter of 2018 — from 4,600 breached records to more than 70,000.
Of course, the most damning statistic to emerge from the Protenus survey is perhaps the shocking lack of accountability. According to the report, nearly 30 percent of all breaches were caused by repeat offenders within their organization.
Repeat offenses seem to be an unfortunate theme in the healthcare industry, especially when it comes to violating a patient’s privacy. Actions can range from careless, like improper network configuration or mailing a package to the wrong address, to deliberate, like when a nurse or doctor decide to snoop on family and friends.
Either way, as NPR discovered as part of a comprehensive investigation, repeat violators in the healthcare industry often go unpunished. Sure, you may read about massive multi-million dollar fines levied in the press, but rarely do companies get stuck paying these.
The U.S. isn’t alone in healthcare data breaches
Healthcare organizations in the U.S. aren’t the only ones in danger. Identity thieves, hackers, and cybercriminals are also targeting providers in other countries.
While there are numerous examples to pull from, one of the most recent — and significant — comes via SingHealth, the operator of Singapore’s largest group of healthcare institutions. Earlier this summer, the organization revealed that 1.5 million patients had their non-medical, personal data compromised. As many as 160,000 patients had their outpatient medical data compromised as well.
Even their prime minister was involved in the data breach.
What steps can organizations take?
Protecting the personal data of employees and patients should be among every healthcare organization’s chief concerns. And the first step towards protection begins with educating yourself, your co-workers, and your employees about how data breaches occur and what actions you can take to reduce risks at your organization.
A great place to start is with our complimentary guide, How Identity Theft and Data Breaches Impact the Healthcare Industry. For additional insight and actionable steps your healthcare company can take, you might consider our ebook, The HR Guide to Employee Data Protection and Identity Theft Prevention.Have further questions? That’s great, because we have the answers! Email or call us today.