March 20, 2017

Hacking Incidents Down, While Some Insider Health Data Breaches Took 5+ years to Discover

After a noticeable decline in the number of hacking incidents, insider-related breach incidents have doubled relative to the previous month. February’s health data breaches reinforce the importance of understanding inappropriate workforce activity, especially when the majority of incidents come from within a healthcare organization.  For instance, a Nebraska hospital recently discovered a breach that had been going for more than five years and was the result of ongoing insider-wrongdoing.  It’s important for healthcare organizations to use advanced analytics to immediately detect breaches of this magnitude in real-time, greatly reducing the impact for patients and organizations alike.

Continue Reading
February 13, 2017

31 Health Data Breaches Disclosed in January as HHS Fines for Late Reporting

2017 has kicked off with a huge proportion of insider threats, as January data from disclosed breaches reveals that 59.2% of breached patient records were the result of insiders.  This month’s health data breaches reinforce the importance of health data security, as the need to protect patient data from insiders continues to loom large.  Healthcare organizations, more than ever, need to be proactive in discovering and reporting when a breach has occurred. This is especially the case given that HHS OCR has issued its first fine for failing to report a breach within their 60-day window.

Continue Reading
December 15, 2016

An Alarming 57 Health Data Breaches in November - Highest in 2016

This month’s data regarding breaches of protected health information reinforces the need for health data security to be a top priority.  With an average of almost 2 breaches per day, November has seen a record number of breach incidents, the highest of any month in 2016.  What’s even more concerning is that employees (insiders) are responsible for more than half of this month’s breaches to patient data, a notable increase from past months.

Continue Reading
November 16, 2016

Patient Data Irretrievably Lost Due to PHI Breaches

Each month in 2016 has seen substantial PHI breaches, causing an influx of records for sale on the dark web, which is now causing a sudden price collapse. Hacking and ransomware continue to loom large with several instances of patient data irretrievably lost.

Continue Reading
October 13, 2016

Olympians Fall Victim as 2016 Continues Breakneck Health Data Breach Pace

September’s largest single incident involved a ransomware that affected 58,000 records. While the overall number of breached records is down, the second half of 2016 is shaping up to be significantly worse than the first half when it comes to patient data security. September’s breach totals include several olympic athletes after the World Anti-Doping Agency (WADA) suffered from a hacking incident apparently at the hands of Russian cyber-espionage group, Tsar Team (APT28), also known as Fancy Bear. While this month’s patient records breached total (246,876) pales in comparison to this past summer’s total (20 million), it’s important to re-emphasize the ever-evolving threats to patient data and the misfortune that can occur when this information lands in the wrong hands.

Continue Reading