Report: 58% healthcare cybersecurity breaches involve insiders; 27% result from paper records

According to the 2018 Protected Health Information Data Breach Report (PHIDBR) from Verizon, cybersecurity in healthcare falls behind other industries in being able to protect personal information.

The report, which included the evaluation of 1,368 cybersecurity incidents from 27 countries, delves into the cybersecurity of healthcare following the Data Breach Investigations Report (DBIR). The PHIDBR includes findings on what cased cybersecurity incidents, what types of incidents are most common, and solutions to improving the privacy and security of patient data.

Findings included:

  • 21 percent of cybersecurity incidents occurred because of stolen laptops that contained unencrypted patient data.
  • 70 percent of cybersecurity incidents with malicious code were classified as ransomware attacks.
  • 58 percent of cybersecurity incidents in healthcare involved insiders. Insiders were found to endanger data for financial gain (48 percent), fun or curiosity in reading personal records (31 percent) and convenience (10 percent).
  • 27 percent of security incidents involved patient health information on paper records. Breaches of patient information from paper records are more prevalent in the healthcare sector. The main causes included sensitive data not being delivered correctly (20 percent), thrown away without shredding (15 percent) and lost paper documents (8 percent).

Solutions to improving cybersecurity included:

  • Full encryption: These services are effective and low-cost ways of protecting patient data.
  • Continuous monitoring of who has access to records: Cybersecurity polices should be required to the monitoring of patient health record access. Training employees and adopting warning banners could reduce incidents causes by internal factors.
  • Develop preventative measures: Adopting measures to combat ransomware attacks and malware would prevent devices from being hacked and patient health records from being accessed.
""
Cara Livernois, News Writer

Cara joined TriMed Media in 2016 and is currently a Senior Writer for Clinical Innovation & Technology. Originating from Detroit, Michigan, she holds a Bachelors in Health Communications from Grand Valley State University.

Around the web

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”

FDA Commissioner Robert Califf, MD, said the clinical community needs to combat health misinformation at a grassroots level. He warned that patients are immersed in a "sea of misinformation without a compass."

Trimed Popup
Trimed Popup