What Is The Biggest Cause Of Data Breaches In Healthcare?


Managing data is a big concern for many leading industries, especially when dealing with secure information.

If there is one thing we know, it’s that healthcare manages a massive amount of data that is meant to be protected for the sake of patient privacy.

Dealing with data brings security risks, such as data breaches, that often occur, putting the patient at risk.

According to a report released by CyberScout, there were 377 healthcare data breaches In just 2016 alone. This represents 34.5% of the overall study, which combined different industries like business, finance, education, and government.

“The business industry had a total of 494 reported data breaches, while there were 377 reported healthcare data breaches. Education came in third with 98 incidents, while the government/military had 72 reported breaches.” healitsecurity reports.

As a healthcare provider, it is important to understand the causes of these breaches, in order to avoid any risks. Let’s talk about some of the causes of data breaches that the healthcare sector deals with.

Insider Threat

According to Cyberscout, human error is the number one cause of data breaches in the healthcare industry.

“With the click of a mouse by a naïve employee, companies lose control over their customer, employee and business data. In an age of an unprecedented threat, business leaders need to mitigate risk by developing C-suite strategies and plans for data breach prevention, protection, and resolution,” said Matt Cullina, CEO of CyberScout and Vice Chair of ITRC’s Board of Directors.” Pr NewsWire reported. 

Most of the errors that result in data breaches in healthcare appear to be accidental, like a misdirected fax or improper release of sensitive papers. These losses lead up to 42% of industry breaches so far in 2017.

This was seen in the recent news, reported by HealthcareDive when an Aetna employee exposed confidential patient information regarding prescription refills. The term “Filling Prescriptions for HIV” was easily seen on the envelope, which is now resulting in a lawsuit filed in Pennsylvania court.

This breach has caused harm to Aetna beneficiaries because their personal health information was visible.

Along with accidental errors, incidents like stolen devices made up a large portion of data breaches in this industry, such as employees laptop used in healthcare facilities.

“According to the report, 32% of security events in the healthcare community we caused by stolen assets, 23% involved privilege misuse and 22% were labelled as Miscellaneous but included errors such as inappropriate publishing of information and sending PHI to the wrong individual” ACT reports. 

These computers usually are not secured as well as they should be when they have access to cloud-based patient tracking portals. This can be termed as “privilege abuse” which means that data is mishandled by unapproved hardware or software. This interferes with HIPAA regulations.

“What may surprise some security managers, mishandling of data in the form of improperly mailing patient information by staff members or uploading PHI to a sharing service are common occurrences.” ACT continues.

Hacking Plays A Role

Along with employee error, hacking is also a major factor when it comes to data breaches in healthcare. Hackers seek sensitive information using ransomware attacks and phishing attacks in digital systems.

Hackers are targeting healthcare providers because of the sensitive data that is found in medical healthcare records in order to perform financial attacks on patients. The information that they obtain from these records includes social security numbers, addresses, names, and even payment information.

Health insurance information is also a valuable asset that hackers look for because medical fraud can be carried out such as collecting free medical care or purchasing medical supplies.

In order to stop these data breaches from happening, the healthcare industry must become aware of the threats that are present, in order to tighten security and formulate the necessary IT teams to protect patient data.

If you want to find out about digital healthcare trends providers can take to cut back risk, attend Healthcare Providers Transformation Assembly.

Healthcare Providers Transformation Assembly


The Millennium Alliance is pleased to announce that application for our bi-annual Healthcare Providers Transformation Assembly is now open. Join leaders from North America’s leading Health Systems at The Ritz-Carlton in Dallas, TX.

This is not just another “Healthcare” event. Spaces are reserved for the best in the business. Contact us today to reserve your seat >>


Trackback URL: https://mill-all.com/blog/2017/09/06/what-is-the-biggest-cause-of-data-breaches-in-healthcare/trackback/

Leave a comment:

Your email address will not be published.