Report: Healthcare Sector Hit Hard in 2016 by Data Breaches | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Report: Healthcare Sector Hit Hard in 2016 by Data Breaches

January 24, 2017
by Rajiv Leventhal
| Reprints

Across all industries, the number of U.S. data breaches tracked in 2016 hit an all-time record high of 1,093, and in healthcare, troubling data security trends continue to plague the sector, according to new research from the Identity Theft Resource Center (ITRC) and CyberScout.

The number of breaches in 2016 represents a substantial hike of 40 percent over the near record high of 780 reported in 2015. Since 2005, the ITRC has been identifying data breaches in five industry sectors. In 2016, the business sector again topped the list in the number of data breach incidents, with 494 reported, representing 45.2 percent of the overall number of breaches. This was followed by the healthcare/medical industry (377 incidents), representing 34.5 percent of the overall total. The education sector (98) followed at 9.0 percent, the government/military (72) at 6.6 percent and the banking/credit /financial sector (52) at 4.8 percent.

The latest findings make up the ITRC Data Breach Report 2016. The report included some noteworthy healthcare statistics:

  • Healthcare exposed the most SSNs compared to all other industries (business, education, financial, and government)
  • The most records exposed by employee error or negligence were in the healthcare sector
  • The healthcare industry was hit hardest by hacking, skimming and phishing attacks

What’s more, regarding the reporting of the known number of records exposed, half (50.7 percent) of the overall number of breach notifications did not include this information. However, due to the mandatory reporting requirement for healthcare industry breaches affecting 500 or more individuals, 84 percent of the healthcare breaches publicly stated the number of records exposed.

It should also be noted that several large scale breaches in 2016— which only involved usernames, passwords, or emails— while included on the list, did not specify the vast number of records exposed because this type of information does not typically trigger most data breach notification laws.

To this end, a recent year-in-review Breach Barometer report from Protenus revealed that 2016 averaged at least one health data breach per day, affecting more than 27 million patient records. If 2016 trends continue, according to those report authors, 2017 can expect to see a continued average of at least one health data breach disclosed per day.

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More

Topics

News

David Bates to Receive Glaser Award at UTHealth School of Biomedical Informatics

On Oct. 30, the 2017 John P. Glaser Health Informatics Innovator Award will be presented to patient safety expert David Bates, M.D.

TMCx Digital Health Accelerator Prepares for 2018 Class

TMCx, a digital health accelerator program launched in 2015 by the Texas Medical Center’s Innovation Institute, is seeking applications for its 2018 class of startups.

DoD, Leidos Roll Out MHS Genesis at Madigan Army Medical Center

Madigan Army Medical Center in Takoma, Washington is now the fourth military site to go live with the MHS Genesis electronic health record (EHR) system.

athenahealth to Cut Workforce by 9 Percent, Close Two Offices

athenahealth, the Watertown, Mass.-based electronic health record (EHR) vendor, expects to reduce its workforce by about 9 percent due to an organizational redesign that also involves the closure of two offices.

CISO Survey: End Users See Security as a Hurdle to Innovation

Traditional approaches to security are leading to frustrated users and strained relationships between workers and IT departments, according to the findings of a CISO survey. About three-fourths (74 percent) of CISOs say end users are frustrated that security disrupts productivity and 81 percent say end users see corporate security policies as a hurdle to innovation.

Michigan HIE Implementing Alerts for Social Determinants of Health

Great Lakes Health Connect (GLHC), Michigan’s health information exchange (HIE), is partnering with health IT solutions company Holon Solutions to enable alerts that address patients’ physical, mental and social determinants of health.