Criminal Attacks Primary Cause of Healthcare Data Breaches

Criminal Attacks Primary Cause of Healthcare Data Breaches

Back in March, we wrote about how cyber criminals are increasingly targeting the healthcare industry with more sophisticated methods. Now, the recently released “Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data, which is sponsored by ID Experts, backs up data we cited in our article. In fact, this report shows that, for the first time, criminal attacks are the number-one root cause of healthcare data breaches.

According to the study, there has been a 125% growth in these types of attacks over the last five years. While employee negligence and lost or stolen devices still result in many data breaches, according to the study’s findings, one of the key trends in the shift of data breaches is from accidental to intentional as criminals are increasingly targeting and exploiting healthcare data.

As we also indicated in our previous article, cyber criminals are going after this data for two principal reasons: healthcare organizations manage a plethora of financially lucrative personal information, and they do not have the resources, processes, and technologies to prevent and detect attacks and adequately protect healthcare data.

Moreover, the study also looked at the business associations of healthcare organizations and the effect on the emerging risk of data breaches. “With sensitive information flowing and new threats emerging daily, healthcare organizations and their business associates are at great risk for data breach. In fact, 91% of healthcare organizations and 59% of business associates experienced a data breach, said the study.
Unfortunately, however, since the study first began five years ago, there hasn’t been a significant investment among healthcare organizations to protecting healthcare information, particularly in light of the accelerated pace in which the cyber threat environment is evolving. The study shows that half of all healthcare organizations and business associates have little or no confidence that they have the ability to detect all patient data loss or theft.

The takeaway: Healthcare organizations and their business associates share vulnerable patient data and provide a greater attack surface and many points of access for criminals who are becoming more adept at getting and exploiting personal information. This means that these organizations must make the investment to implement robust cyber security measures. If not, we will continue to see attacks such as the massive breaches that took place at Anthem and Primera.

A well-designed Cyber Liability insurance program is also a crucial element in the mix. This coverage is essential in addressing the costs involved in a data breach. Coverage is necessary to cover costs involving forensics, notification, credit monitoring, and legal counsel, legal damages (defense and settlement), business interruption costs and fines, public relations and other expenses.

Caitlin Morgan’s Cyber Liability insurance program for healthcare facilities and organizations can be tailored to address specific requirements. We can help you secure a policy to fit an insured’s needs while also assisting with mitigating risks. Give us a call at 877.226.1027.