April 13, 2021

5-Year Rise in Hacking Incidents Shows No Signs of Slowing

An alarming trend persisted in 2020 as hospitals and health systems battled COVID-19 surges and raced to develop a better understanding of the virus: hacking incidents increased for the fifth year in a row. 

Continue Reading
March 15, 2021

Key Takeaways from the 2021 Breach Barometer

Though it dominated media coverage, COVID-19 wasn't the only silent enemy healthcare organizations battled in 2020. Amid the chaos of the pandemic, hospitals and health systems were also ravaged by health data breaches, which were up 30% in 2020 compared to 2019. A new trend emerged of at least two data breaches per day.

Continue Reading
February 28, 2018

A Single Hacking Incident Responsible for 59% of Total Breached Patient Records in January

The health data breach landscape remained tumultuous in January, with almost an equal number of hacking and insider-related incidents. Of note, hacking incidents affected significantly more patient records, due largely to one particular breach that affected 59% of the total number of breached patient records this past month. Additionally, in a recent ruling, the HHS Office for Civil Rights (OCR) levied a $3.5 million fine to a healthcare provider after five separate breach incidents at various locations. OCR found that the organization had failed to conduct a risk analysis of possible threats and vulnerabilities to patient data as well as failed to implement policy and procedures to address security incidents and govern how electronic PHI should be moved in and out of the facilities. OCR and the healthcare organization have agreed to a corrective plan to overhaul the organization’s security measures and risk management plan. This ruling highlights, once again, the necessity for healthcare organizations to educate their employees on proper protocols for handling patient data and to gain full visibility into every access into their EHR in order to mitigate and even prevent these incidents from occurring.

Continue Reading
January 23, 2018

5.6M Patient Records Breached in 2017, as Healthcare Struggles to Comprehensively and Proactively Detect Health Data Breaches

The Breach Barometer Annual Report analyzes how data breaches have affected healthcare throughout 2017.
Continue Reading
September 20, 2017

Hacking Incidents are Quickly Discovered While Insiders Go Unnoticed

In July and August, it appeared that there were some signs of progress in terms of how long it took to discover a health data breach.  While we’d like to report a new emerging trend, unfortunately the data provided a false sense of improvement.  In the same time frame, healthcare has also experienced an uptick in the number of hacking incidents, which are often quickly discovered due to the effect they have on an organization’s daily operations.  As a result, some of this improvement may simply be attributable to more hacking, rather than faster discovery, though we’ll be tracking this carefully.  Indeed, while hacking is quickly detected, insiders continue to go unnoticed, creating a costly aftermath for both healthcare organizations and patients alike.

Continue Reading