It’s no secret that I.T. security is becoming a more and more pressing concern as time goes on. According to the Identity Theft Resource Center, 2015 was the worst year in terms of data security since that organization began keeping records in 2005, and this is one trend that shows no signs of reversing. The healthcare industry, in particular, is feeling the full force of this, as approximately 35% of all breaches were aimed at this sector.
2016 is shaping up to be another historic year as the number of both individual attacks and compromised records continues to grow. June was the worst month of 2016 by far, as both Protenus and DataBreaches.net estimate that more than 11 million patient records were compromised during this period of time.
June: The Shape of Things to Come
Perhaps the scariest fact about I.T. security in June this year is that the 11,061,649 compromised patient records only represent 23 of the 29 total incidents that currently have exact data available for review. In fact, 10.3 million of those records were attributed to a single breach alone – a hack that compromised the entire customer database of a large insurance provider.
Out of the 137 incidents that occurred during the first half of June, a full 86% took place at exactly 24 different healthcare providers. The Protenus and Databreaches.net report goes on to state that three breaches targeted health plan providers, while one was directly related to an NFL football team that has yet to be named.
June 2016: The Breakdown
When you take a closer look at the cause of these breaches, you begin to get an indication that there is no one single point of failure that providers have to contend with in order to stay safe in the digital world. Attacks come from all angles, and a proactive approach is required in order to mitigate potential damage as much as possible.
41.4% of the June 2016 security incidents were the result of outright hacking by insiders, while an equal number were the result of insider incidents. An “insider incident” can be defined either as an employee of an organization who willfully acted with the intention of sharing confidential information, or it could be as simple as user error.
Interestingly, 17.2% of the incidents involved some type of theft, loss of devices or paper records. Even something as simple as leaving a smartphone behind at a bar can have devastating consequences if that smartphone also has access to a business’ enterprise as many commonly do in “bring your own device” (BYOD) situations.
The report would go on to say that, “The impact and rate of breaches illustrate how vulnerable the healthcare industry remains, as well as the need to proactively protect patient privacy and data with new technologies”. As always, remaining vigilant and keeping up with trends and best practices is always advised.
Additionally, experts warned against a business being compromised at the vendor or business associate level. Companies that have to share information with third party vendors put themselves at an increased risk for a security incident, as the nine breaches that were compromised in this manner go a long way toward proving. The report indicated that, “The number of business associates with access to patient records via EHR systems increasingly creates new security complexities for health systems to manage”.
Apex Technology Management is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (800) 310-2739 or send us an email at firstname.lastname@example.org for more information.