Around 27 million patient records were breached in 2016, with an average of one data breach per day, according to a Breach Barometer Report that Protenus and DataBreaches.net collaborated to produce.
What does this mean for 2017?
“If 2016 trends continue, 2017 can expect to see a continued average of at least one health data breach disclosed per day.”
The report aims to look at the lessons learned in hopes of finding a “way forward for protecting patient privacy.”
Of the 450 incidents reported, 192 of them, or 43 percent, were the result of insiders, either with or without malicious intent.
The report “shines a brighter light on why covered entities need to pay greater attention to and allocate more resources to preventing and detecting insider breaches and business associate or third-party breaches,” according to this databreaches.net post.
The post examines the top 12 healthcare data breaches of 2016. The very first and largest breach is tied to an unnamed vendor for a health plan. In that case, 10.3 million records were hacked from a database that no one would admit they owned. While the data was old, “according to the hacker, it was a vendor’s insurance leads file for a major health insurer.”
Most media outlets list DataBreaches.net’s second incident, Banner Health, as the biggest breach of the year. In that breach, 3,620,000 patient records were compromised. Banner announced on July 7 that its payment card system at F&B site had been hacked and, less than a week later, learned hackers might have accessed PHI. Other big offenders include Newkirk Products, a service provider that issues healthcare ID cards; 21st Century Oncology, which learned from the government that its network had been hacked; Valley Anesthesiology and Pain Consultants; Los Angeles County; Bon Secours Health System; Peachtree Orthopaedic Clinic; Radiology Regional Center; California Correctional Health Care Services; Community Health Plan of Washington; and Central Ohio Urology Group.
In DataBreaches.net’s “2016: Healthcare data breaches in review, Part 2” post, the second half of its review, the takeaway is clear:
“But if we really want to prevent more breaches, make it your goal in 2017 to reduce employee errors and to increase employee compliance with policies and protocols.”
Protenus is a proactive patient privacy analytics platform that protects patient data in the EHR for some of the nation’s top-ranked hospitals. DataBreaches.net is a website devoted to reporting on data security breaches, their impact, and legislative developments relevant to protecting consumer and patient information.