Study: Half of all healthcare data breaches due to hackers
The percentage of healthcare data breaches due to criminals has risen from 20 to 50 percent since 2010, according to a study by Ponemon Institute.
The average percentage of healthcare organizations that have experienced a data breach have stayed steady, in the high 80s and low 90s, according to Larry Ponemon, chairman and founder at Ponemon Institute.
Some of the biggest problems that healthcare systems face today are ransomware, data encryption making patient records inaccessible, and denial-of-service attacks. These attacks have the potential to shut down hospitals and impact patient safety. In a previous study conducted by ISE, tech experts posing as hackers were able to hack into and control patient monitors. They were able to bypass the online authentication process so that a medical device may be "weaponized" against a targeted patient.
One reason as to why these problems haven’t been solved is the ongoing disagreement between healthcare providers and third-party business associates, such as drug companies and claims processors.
"Neither the business associates nor the health care entities are doing their job," said Ponemon. There is also a lack of funds for regional and local hospitals to help them implement the protection their systems need, leaving them targets to criminals.
More than 69 percent of hospitals are aware of the risk they are at compared to other industries, yet they have no way of stopping the onslaught of data breaches. More than half (52 percent) said that security budgets have stayed the same since last year, and 10 percent said their budgets decreased.
"There's a small increase in security budgets but that incremental spending is not keeping up with the threat," said Ponemon.
Some 63 percent of respondents said they have policies and procedures that are in place to effectively prevent or quickly detect unauthorized patient data access, up from 58 percent in 2015, and 57 percent said they have the expert personnel to be able to identify and resolve data breaches, up from 53 percent in 2015.