In 2015 and 2016, Protenus found that the privacy of professional athletes’ medical records was violated equal to or more than any other VIP or celebrity category. The majority of these privacy violators were repeat offenders. Why? In many cases, Protenus found that football enthusiasts were looking for a competitive edge in their fantasy league by looking at the athlete's records to identify injuries or other types of vulnerabilities.  

In July and August, it appeared that there were some signs of progress in terms of how long it took to discover a health data breach.  While we’d like to report a new emerging trend, unfortunately the data provided a false sense of improvement.  In the same time frame, healthcare has also experienced an uptick in the number of hacking incidents, which are often quickly discovered due to the effect they have on an organization’s daily operations.  As a result, some of this improvement may simply be attributable to more hacking, rather than faster discovery, though we’ll be tracking this carefully.  Indeed, while hacking is quickly detected, insiders continue to go unnoticed, creating a costly aftermath for both healthcare organizations and patients alike.

July is the first month in 2017 to have hacking incidents outweigh insider breaches to patient data in both frequency and number of affected patient records.  While hacking accounted for almost half of total breach incidents this month, the severity and potential damage of insider threats to patient data should not be overlooked, with one incident going undetected for 14 years.