Report: 58% healthcare cybersecurity breaches involve insiders; 27% result from paper records

According to the 2018 Protected Health Information Data Breach Report (PHIDBR) from Verizon, cybersecurity in healthcare falls behind other industries in being able to protect personal information.

The report, which included the evaluation of 1,368 cybersecurity incidents from 27 countries, delves into the cybersecurity of healthcare following the Data Breach Investigations Report (DBIR). The PHIDBR includes findings on what cased cybersecurity incidents, what types of incidents are most common, and solutions to improving the privacy and security of patient data.

Findings included:

  • 21 percent of cybersecurity incidents occurred because of stolen laptops that contained unencrypted patient data.
  • 70 percent of cybersecurity incidents with malicious code were classified as ransomware attacks.
  • 58 percent of cybersecurity incidents in healthcare involved insiders. Insiders were found to endanger data for financial gain (48 percent), fun or curiosity in reading personal records (31 percent) and convenience (10 percent).
  • 27 percent of security incidents involved patient health information on paper records. Breaches of patient information from paper records are more prevalent in the healthcare sector. The main causes included sensitive data not being delivered correctly (20 percent), thrown away without shredding (15 percent) and lost paper documents (8 percent).

Solutions to improving cybersecurity included:

  • Full encryption: These services are effective and low-cost ways of protecting patient data.
  • Continuous monitoring of who has access to records: Cybersecurity polices should be required to the monitoring of patient health record access. Training employees and adopting warning banners could reduce incidents causes by internal factors.
  • Develop preventative measures: Adopting measures to combat ransomware attacks and malware would prevent devices from being hacked and patient health records from being accessed.
""
Cara Livernois, News Writer

Cara joined TriMed Media in 2016 and is currently a Senior Writer for Clinical Innovation & Technology. Originating from Detroit, Michigan, she holds a Bachelors in Health Communications from Grand Valley State University.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.