Unauthorized disclosures are now the leading cause of healthcare-related data breaches, up to 40% of the total causes of loss.
While it used to be that loss or theft of an employee's corporate device accounted for 68% of all healthcare breaches (in 2014), unauthorized disclosures, followed closely by malicious hacking, are now the top causes of concern for the health industry.
In Bitglass' Healthcare Breach Report 2017, we can see an in-depth analysis of major breaches that occurred last year, and how these trends will continue to grow or evolve in 2017.
The study reports an all-time high in healthcare data incidents, jumping from 268 breaches in 2015 to 328 in 2016. However, of these breaches, approximately 16.6 million Americans were affected, which is a significantly lower number of individual records leaked compared to 2015.
So even though there are more breaches occurring, hackers are getting less of a payload—although we've already seen 71 healthcare data breaches in Q1 of 2017 alone (leaking 1.5 million records).
According to research from the Ponemon Institute, the average breach costs American businesses $221 per lost record.
But for the healthcare industry, the cost is much higher. While the volume of leaked records is on the decline, hackers scored an average of $402 per leaked medical record in 2016 (an all-time high).
That's a lot of money for 16.6 million files. It's one thing to have to change your credit card number if your bank gets hacked, but it's a whole other process to have to get your Social Security number changed, or to be served with a past-due notice for someone else's surgery.
"Breaches and information leaks are unavoidable in every industry, but healthcare remains one of the biggest targets," said Nat Kausik, CEO of Bitglass, in a press release. "While threats to sensitive healthcare data will persist, increased investments in data-centric security and stronger compliance and disclosure mandates are driving down the impact of each breach events."
Data from this report was taken and analyzed from the U.S. Department of Health and Human Services’ Wall of Shame.