BreachExchange mailing list archives

Incidents Of PHI Attacks Continue To Increase


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 6 May 2015 18:19:14 -0600

http://www.healthitoutcomes.com/doc/incidents-phi-attacks-continue-increase-0001

More than 1,000 large scale data breaches were reported during the
three-year period from 2010 to 2013. According to research published by the
Journal of the American Medical Association, these include incidents which
affected at least 500 individuals and totaled more than 29 million people.

“While electronic data security and privacy is not a problem that is unique
to healthcare, individually identifiable health data cannot be easily reset
or changed once it has been compromised like credit card information can,
for example,” Dr. Vincent Liu of the Kaiser Permanente Division of Research
in Oakland, CA told Reuters Health. “Electronic health records and other
emerging technologies for using health data have great potential to improve
the delivery of high-value healthcare, however, we must ensure that our
patients' data remains secure.”

iHealth Beat reports 50 percent of all breaches involved the theft of a
laptop, thumb drive, or paper records. Breaches attributed to hacking
accounted for only 12 percent of all breaches in 2010. In 2013, however,
that number jumped to 27 percent.

“We found that as many as 30 million records were compromised in a
four-year span,” Liu said. “If each of these represented records from a
unique patient, it could suggest that as many as 1 of every 11 Americans'
healthcare data has been compromised.”

Researchers expect the number of electronic breaches to continue to
increase as technologies such as cloud-based analytics services, gene
sequencing, personal health records, and other health-related technology
become more popular. The study suggests healthcare organizations and
lawmakers take action to both increase staff training and increase security
measures.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!

Current thread: