2020 Witnessed a Massive Surge in Healthcare Breaches
Following the outbreak of COVID-19 and the transition to a primarily remote work environment, healthcare breach systems are on the rise — learn more here.
Join the DZone community and get the full member experience.Join For Free
According to the U.S. Department of Health and Human Services Office for Civil Rights (OCR) in early 2020, following the outbreak of COVID-19, a huge number of large healthcare data breaches registered — more than in any other year. The Tenable Research 2020 Threat Landscape Report reported that the largest data breach violated 22bn records of personal data in 2020 impacted the healthcare sector. An article made available HIPAA journal in January 2021 reported that:
- Over 29 million healthcare records were impacted during 2020
- A rate of 1.76 Healthcare related data breaches per day was recorded
- Healthcare data breaches grew by 25% year-over-year
- During 2020 642 healthcare data breaches of 500 or more records were discovered
In addition to this:
- The total amount of healthcare data breaches has doubled since 2014 and tripled since 2010
- Over 3,700 breaches of 500 or more records have been reported since October 2009
- Since 2009 the total number of exposed records is more than 78 million
How Data Breaches Occur
The database breaches happened as a result of three main factors:
- Cyber attacks — hacking attacks involving malicious hacking campaigns
- Endpoint devices being stolen or lost
- Unauthorized disclosure of personal healthcare information
The size of the breaches is worrying. One large breach that focused on Dental Care Alliance was discovered on October 11 and comprised the payment card numbers of more than 1 million patients. The hackers initially obtained access to the DCA systems on September 18. A solution was not put in place until October 13. Along with payment card data, those responsible may have illegally taken patient names and contact information as well as medical information and insurance information. Patients were made aware of the attack in early December and approximately 10% of the patients later reported a breach of their account numbers.
There are many factors that have led to the huge spike in attacks that took place over the last 14 months. Like many sectors, the change to remote work systemsand the worrying nature of the COVID-19 pandemic on healthcare organizational leaders has been one of the main reasons. However money has been the main factor behind the rise of cyberattacks on the healthcare industry. Patient records are valuable in the open market due to the personal and private data they contain. While credit card information will only garner a few dollars on their own, patient data can be sold for up to $150 per record. Sadly, an infiltrated record costs the victimized group an average of $499 last year, a 16% increase annually.
Published at DZone with permission of Patrick Smith. See the original article here.
Opinions expressed by DZone contributors are their own.