Almost 90% of healthcare agencies were the victims of a data violation in the past 2 years, and 45% had more than 5 data breaches during that similar time period.
Criminal attacks are the major cause of these health data breaches, with 50% of healthcare agencies and 41% of business associates reporting such attacks, while worker mistakes, third-party snafus, and stolen computer tools are the cited reasons for the other violations.
Those are among the conclusions of a latest study by the Ponemon Institute, sponsored by software and services vendor ID Experts, in which denial-of-service attacks; malware, ransomware, and phishing are enlisted as the top cyber risks confronting healthcare agencies and business associates.
As the cyber risk has sustained to increase, 79% of healthcare agencies experienced various data breaches (2 or more) in the past 2 years—up 20% since the year 2010. And, 34% of healthcare agencies experienced 2 to 5 breaches.
Rick Kam, president of ID Experts, point outs that the 2016 report is the 6th annual report gave in partnership with the Ponemon Institute and that the there is not much change in the statistics over the passage of time. “That in itself appears to be a problem,” he states. “The figures, frequency, and intensity of breaches in the healthcare sector sustain to be high.”
Kam considers the issue is just going to get worse before it gets better. In that regard, the research also discovered that however most surveyed agencies consider they are susceptible to a data breach, they are unprepared to deal latest risks like ransomware and deficiency the resources to secure patient data.
In fact, 59% of healthcare agencies and 60% of business associates surveyed do not consider their agency’s security budget is enough to curtail or minimize information breaches.
These agencies are in the unenviable post of either paying now by contributing in cyber defense or paying later in regards of economical losses. As the report discloses, data violations are costing the healthcare industry $6.2 billion yearly, with the average price of data violations for covered entities surveyed now standing at more than $2.2M while the average price to business associates in the research pegged at more than $1 million. Medical records are the most usually exposed information, followed by the insurance and billing records, and payment details.
In the research, 38% of healthcare agencies and 26% of business associates are aware of medical identity theft cases impacting their own sufferers and clients. Nevertheless, 64% of healthcare agencies and 67% of BAs surveyed do not give any protection services for victims whose data has been breached.
The CISA act would develop a cybersecurity framework particularly concentrated on healthcare and instructs the Department of Health and Human Services to recognize a particular leader on cyber preparedness, as well as directs HHS to make a series of best practices for health industry leaders to follow—on a voluntary basis—to assist them keep their agency’s data as safe as possible.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment