Key points from Protenus’ new report!

In November 2017, healthcare data security and privacy company Protenus released a report on the most common security breaches in healthcare. Here are a few key takeaways.

• 41% of the health and data breaches in 2017 were caused by insiders. These errors, leaks and incidents are estimated to have affected over 1 million patient records and are on course to overtake the number of breaches in 2016.
• Security breaches caused insiders were mostly simple accidents, but these accounted for a larger chunk of security incidents which affected patient records.
• Insider accidents affected over 420,000 patient records, whereas, insider wrongdoings affected over 740,000 patient records.
• On average, insider breaches go unnoticed for 387 days. This is because insiders, malicious or not, are using legitimate credentials, making inappropriate use much harder to detect.

• Hacking accounted for 32% of all reported incidents, and garnered more media attention because hackers usually disrupt a large amount of patient records in a single incident. It is estimated that close to 1.5 million patient records were breached by them.
• Extortion is on the rise, and it comes as no surprise that the healthcare industry has become an easy target due to an ever-increasing volume of sensitive data and lack of security measures. There were 46 recorded incidents in September, compared to 33 in August.
• As cyber criminals' attempts to access patient records become more rampant and sophisticated, companies, now more than ever must be wary of security breaches. The data presented in Protenus’ report highlights some of the most common causes of a security breach and emphasizes the importance of two methods companies should use to potentially reduce compromises in security: IT training and ongoing education on security methods to counter errors made by insiders, preventing cyber attacks, and proactively reacting to malicious insiders.