Security in the healthcare sector has been making headlines for all the wrong reasons in recent months, and a new report has found that the industry is showing little sign of cleaning up its act.
More organizations than ever participated in this year’s Data Breach Investigations Report, which identified a record 80,000 security incidents and 2,100 data breaches. According to information shared with Healthcare IT News, 234 of those security incidents related to healthcare as well as 141 data breaches.
A number of security areas became more vulnerable, including incidents of insider misuse, which accounted for 15 percent of healthcare incidents in 2014 but jumped to 20 percent this year. Senior Verizon analyst Susan Widup says this is a particular cause for attention, as it includes everything from employee snooping to organized crime groups.
Other areas in which healthcare organizations became more vulnerable included web app attacks (seven percent, up from three percent in 2014) and denial of service attacks (9 percent, up from two percent last year and the 4 percent all-industry average.)
These jumps, of course, mean that there was some good news for the healthcare industry, as theft or loss of unencrypted devices fell from a huge 46 percent last year to 26 percent this year. “It was surprising to see that go down a bit,” said Widup, but the new figure still represents “a huge problem.” She concluded that rather than any significant improvement, healthcare is just seeing a shift in some of the threat actors.
In February, Anthem Inc. was hit by the largest ever data breach suffered by a health insurance company, potentially affecting as many as 80 million customers.
by Kyle Ellison, ESET