Protenus: Hacking Incidents Outweigh Insider Breaches in July | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Protenus: Hacking Incidents Outweigh Insider Breaches in July

August 21, 2017
by Rajiv Leventhal
| Reprints

July is the first month in 2017 to have healthcare cybersecurity hacking incidents outweigh insider breaches to patient data in both frequency and number of affected patient records, according to the latest report from Protenus.

While hacking accounted for almost half of total breach incidents this month, the severity and potential damage of insider threats to patient data should not be overlooked, with one incident going undetected for 14 years. The findings were the latest from latest Protenus, which constructs a “Breach Barometer” report each month. The Protenus Breach Barometer is a monthly snapshot of reported or disclosed breaches impacting the healthcare industry, with data compiled and provided by

Overall in July, there were 36 breach incidents first disclosed this month to the Department of Health and Human Services (HHS), the media, or a state’s Attorney General. For the 29 incidents for which Protenus had numbers, 575,142 patient records were affected.  The largest single incident for which they had numbers involved 300,000 patient records in a ransomware incident. In June, Protenus recorded 52 such incidents—the most of any month in 2017.

In an unusual turn of events, according to Protenus experts, hacking outweighed insider incidents in both frequency and the number of patient records affected this month.  In July, there were 17 hacking incidents, affecting 516,053 patient records, almost 21 times more patient records than breached by insiders.  There were 10 hacking incidents in which ransomware was specifically mentioned as the cause of the health data breach. 

Meanwhile, insiders were responsible for 22 percent of May’s total breach incidents (eight total incidents).  There are numbers for seven insider incidents, affecting 24,212 patient records.  Three of the reported insider incidents were the result of insider-error.

Also of note in the July report, of the reported incidents for which there are numbers, it took an average of 503 days (median = 79.5 days) for healthcare organizations to discover a breach had occurred.  It’s important to note that the mean and median are drastically different given the extreme range of the data, noted the Protenus report: some entities discovered a breach immediately, while one incident went undiscovered for 14, a result of insider wrong-doing.  This is by far the longest undetected breach that has been included in any of the Breach Barometer reports. 

“The longevity of this type of insider breach of patient data is extremely worrisome.  This breach affected 1,100 patient records and went completely unnoticed until someone called in a complaint.  This is a prime example of why healthcare needs to be much more proactive in detecting inappropriate access to patient information.  This organization will now face a multitude of costs associated with a breach, an unfortunate event that can now serve as a learning experience for the rest of the industry,” the report’s authors wrote. It also took an average of 67.5 days (median = 60 days) from the time a breach was discovered to when it was disclosed, either to HHS, the media or the state’s Attorney General, the report revealed.

Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Study: EHRs Tied with Lower Hospital Mortality, But Only After Systems Have Matured

Over the past decade, there has been significant national investment in electronic health record (EHR) systems at U.S. hospitals, which was expected to result in improved quality and efficiency of care. However, evidence linking EHR adoption to better care is mixed, according to medical researchers.

Nursing Notes Can Help Predict ICU Survival, Study Finds

Researchers at the University of Waterloo in Ontario have found that sentiments in healthcare providers’ nursing notes can be good indicators of whether intensive care unit (ICU) patients will survive.

Health Catalyst Completes Acquisition of HIE Technology Company Medicity

Salt Lake City-based Health Catalyst, a data analytics company, has completed its acquisition of Medicity, a developer of health information exchange (HIE) technology, and the deal adds data exchange capabilities to Health Catalyst’s data, analytics and decision support solutions.

Advocate Aurora Health, Foxconn Plan Employee Wellness, “Smart City,” and Precision Medicine Collaboration

Wisconsin-based Advocate Aurora Health is partnering with Foxconn Health Technology Business Group, a Taiwanese company, to develop new technology-driven healthcare services and tools.

Healthcare Data Breach Costs Remain Highest at $408 Per Record

The cost of a data breach for healthcare organizations continues to rise, from $380 per record last year to $408 per record this year, as the healthcare industry also continues to incur the highest cost for data breaches compared to any other industry, according to a new study from IBM Security and the Ponemon Institute.

Morris Leaves ONC to Lead VA Office of Electronic Health Record Modernization

Genevieve Morris, who has been detailed to the U.S. Department of Veterans Affairs (VA) from her position as the principal deputy national coordinator for the Department of Health and Human Services, will move over full time to lead the newly establishment VA Office of Electronic Health Record Modernization.