Healthcare data is the most valuable data a thief can get their hands on. Last year Ponemon did a study, which found that of the 40 companies across 12 industries surveyed, that negligence or human error is the primary root cause of data breaches. Yet the stats are very different when it comes to the healthcare industry. The main cause of a data breach is criminal intent. Ponemon’s study says that 45% of these breaches came from criminal attacks; 43% by lost or stolen computing devices; 40% via employee mistakes; and 12% via a malicious insider. This is because patient data has about 10 to 20 times more value than a U.S. credit card number according to Don Jackson, Director of Threat Intelligence at PhishLabs. The reason for this is that medical theft is usually not immediately identified, which gives criminals a lot of time to use the stolen credentials. Stolen credit cards have shorter theft life spans as credit card fraud is easily detected and the credit cards are cancelled right away, rendering them useless for the criminals.
Did you know that 90% of healthcare organizations surveyed by Ponemon have suffered at least one data breach exposing patient data over the past two years? While 39% have been hit by two- to five breaches, and 40% had suffered more than five breaches during that time frame. Why are these stats so high? In a lot of the cases it’s due to healthcare organizations having dated and low security, making patient medical records an ideal steal.
Healthcare organizations need to step up their game as these breaches are not small dollars. The cost of all of these breaches is around $6 billion per year, with an average cost of $2.1 million per healthcare organization.
For more information on how to protect patient data, read our eBook “Healthcare Providers and Patient Data Security – Protecting Patient Data”
BLOG: Healthcare Data Breaches – Same Wood, Different Tree
BLOG: Only 59 Percent Encrypting in Healthcare IT