Study: Half of all healthcare data breaches due to hackers

The percentage of healthcare data breaches due to criminals has risen from 20 to 50 percent since 2010, according to a study by Ponemon Institute.

The average percentage of healthcare organizations that have experienced a data breach have stayed steady, in the high 80s and low 90s, according to Larry Ponemon, chairman and founder at Ponemon Institute.

Some of the biggest problems that healthcare systems face today are ransomware, data encryption making patient records inaccessible, and denial-of-service attacks. These attacks have the potential to shut down hospitals and impact patient safety. In a previous study conducted by ISE, tech experts posing as hackers were able to hack into and control patient monitors. They were able to bypass the online authentication process so that a medical device may be "weaponized" against a targeted patient.  

One reason as to why these problems haven’t been solved is the ongoing disagreement between healthcare providers and third-party business associates, such as drug companies and claims processors.

"Neither the business associates nor the health care entities are doing their job," said Ponemon. There is also a lack of funds for regional and local hospitals to help them implement the protection their systems need, leaving them targets to criminals.

More than 69 percent of hospitals are aware of the risk they are at compared to other industries, yet they have no way of stopping the onslaught of data breaches. More than half (52 percent) said that security budgets have stayed the same since last year, and 10 percent said their budgets decreased.

"There's a small increase in security budgets but that incremental spending is not keeping up with the threat," said Ponemon.

Some 63 percent of respondents said they have policies and procedures that are in place to effectively prevent or quickly detect unauthorized patient data access, up from 58 percent in 2015, and 57 percent said they have the expert personnel to be able to identify and resolve data breaches, up from 53 percent in 2015.

 

""
Cara Livernois, News Writer

Cara joined TriMed Media in 2016 and is currently a Senior Writer for Clinical Innovation & Technology. Originating from Detroit, Michigan, she holds a Bachelors in Health Communications from Grand Valley State University.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.